June 7, 2022

CVE-2022-1633 – 1641

Coverage and Recommendation for Lookout Admins

Lookout admins should proactively enable the vulnerability protection policy in the Lookout console and configure it with the appropriate severity and remediation actions that align with their organization’s response workflows. As of June 2nd, 2022, Lookout will alert on Chrome versions 101.0.4951.60 or before as vulnerable.

Overview

External researchers recently discovered and disclosed to Google nine vulnerabilities in Google Chrome for Android. The vulnerabilities are defined in CVE-2022-1633 through CVE-2022-1641 and may enable exploitation via a malcrafted webpage. Successful exploitation may allow the attacker to compromise the user's data on a vulnerable device, and they exist across several components of Chrome.

  • CVE-2022-1633: Use after free in Sharesheet.
  • CVE-2022-1634: Use after free in Browser UI.
  • CVE-2022-1635: Use after free in Permission Prompts.
  • CVE-2022-1636: Use after free in Performance APIs.
  • CVE-2022-1637: Inappropriate implementation in Web Contents.
  • CVE-2022-1638: Heap buffer overflow in V8 Internationalization.
  • CVE-2022-1639: Use after free in ANGLE.
  • CVE-2022-1640: Use after free in Sharing.
  • CVE-2022-1641: Use after free in Web UI Diagnostics.

Lookout Analysis

The most likely way for an attacker to exploit this vulnerability would be to send a link leading to a malcrafted webpage to their target in hopes that the target still has a vulnerable version of Chrome on their device. A successful exploit may grant a threat actor access to Chrome's capabilities without needing to root the device. Mobile device management (MDM) tools will not detect a successful exploitation. In the event of a successful exploit, the actor could have access to any capability that the browser has.

Authors

Lookout

Cloud & Endpoint Security

Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves.

Entry Type
Threat Guidances
Platform(s) Affected
Android
Threat Type
Vulnerability
Platform(s) Affected
Threat Guidances
Android
Vulnerability

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell