New Delhi: The Indian Computer Emergency Response Team (CERT-In) which operates under the Ministry of Electronics & Information Technology cautioned users about vulnerabilities in Google Chrome and Siemens Products. These vulnerabilities could potentially enable attackers to execute arbitrary code on the targeted system.


Which software versions of Google Chrome are affected?


COMMERCIAL BREAK
SCROLL TO CONTINUE READING

The affected versions of Google Chrome are those released before 125.0.6422.112/.113 for Windows and Mac and prior to 125.0.6422.112 for Linux.


Which Siemens products are affected?


Affected Siemens products include Parasolid, SIMATIC RTLS, Simcenter Nastran, SIMATIC CN 4100, RUGGEDCOM, Solid Edge, Teamcenter Visualization, JT2Go, CPC80, and CPCI85, among others. "A vulnerability has been reported in Google Chrome for Desktop which could be exploited by a remote attacker to execute arbitrary code on the targeted system," said the CERT-In advisory.


The 'Remote Code Execution' vulnerability exists in Google Chrome for Desktop due to the 'Type Confusion' flaw in V8. An attacker could exploit this vulnerability by sending a specially crafted request.


Moreover, the cyber agency said that the multiple vulnerabilities reported in Siemens Products could allow an attacker to execute arbitrary code, escalate privileges or perform denial of service (DoS) conditions on the targeted system.The agency suggested users apply appropriate security updates as mentioned by the companies. (With IANS Inputs)