Login Sign Up

CVE-2023-1222

8.8 HIGH

📋 TL;DR

This vulnerability is a heap buffer overflow in Chrome's Web Audio API that allows remote attackers to potentially exploit heap corruption via malicious web pages. It affects all users running Google Chrome versions prior to 111.0.5563.64. Attackers could execute arbitrary code or cause denial of service.

💻 Affected Systems

Products:
  • Google Chrome
  • Chromium-based browsers
Versions: All versions prior to 111.0.5563.64
Operating Systems: Windows, macOS, Linux, Android, iOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default Chrome installations are vulnerable. Other Chromium-based browsers may also be affected.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Browser crash (denial of service) or limited memory corruption leading to unstable browser behavior.

🟢

If Mitigated

No impact if Chrome is updated to patched version or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user to visit malicious webpage. No public exploit code available at disclosure.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 111.0.5563.64 and later

Vendor Advisory: https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html

Restart Required: Yes

Instructions:

1. Open Chrome 2. Click menu (three dots) → Help → About Google Chrome 3. Chrome will automatically check for and install updates 4. Click 'Relaunch' to restart Chrome

🔧 Temporary Workarounds

Disable JavaScript

all

Prevents execution of malicious JavaScript that could trigger the vulnerability

chrome://settings/content/javascript → Block

Use browser sandboxing

all

Run Chrome in sandboxed environment to limit impact

🧯 If You Can't Patch

  • Block access to untrusted websites using web filtering
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: If version is less than 111.0.5563.64, system is vulnerable

Check Version:

chrome://version

Verify Fix Applied:

Confirm Chrome version is 111.0.5563.64 or higher

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports
  • Unexpected process termination events
  • Memory access violation logs

Network Indicators:

  • Requests to known malicious domains hosting exploit code
  • Unusual Web Audio API traffic patterns

SIEM Query:

source="chrome" AND (event_type="crash" OR message="*WebAudio*" OR message="*heap*overflow*")

📊 Metadata

CVE ID: CVE-2023-1222
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: March 7, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-1222, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)