Skip to end of banner
Go to start of banner

Vulnerability Update - Remote Code Execution in Chrome (CVE-2023-5217)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Background

A critical vulnerability has been reported around remote code execution in Chrome, specifically known as ‘Google Chrome libvpx Heap Buffer Overflow Vulnerability’ - https://nvd.nist.gov/vuln/detail/CVE-2023-5217

Having conducted an analysis of our usage of this compontent, we believe this DOES presents a possible risk within our dashboard software, which could be exploited and therefore we plan to resolve this by patching our September 23 dashboard release to remedy the threat. .

Further updates will be added to this page as we make progress on the patch release. We will provide a further update on that in due course

Events

To help keep customers informed of our latest responses to the issue, we have created an events table to detail the key steps we have/are taking

Date

Event

We became aware of a critical vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-5217 and began to investigate

Assessment of possible impact completed, and confirmed this could impact on our dashboard software

Decision made to apply a patch to our September 23 dashboard release to provide greater resilience.

Development in progress - release name TBC

TBC

Patched release to be made available for customer release/download

Recommendations

More information to follow

Release Availability

More information to follow

  • No labels