Google Chrome’s ninth zero-day in 2022

Threat Advisories

Google Chrome’s ninth zero-day in 2022

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

CVE-2022-4262 is the fourth actively exploited type confusion bug in Chrome addressed by Google and the ninth zero-day flaw exploited in the wild in 2022. The bug exists as a result of a type confusion issue in Google Chrome’s V8 engine. A remote attacker can construct a specially tailored web page, lure the victim into accessing it, cause type confusion, and then execute arbitrary code on the targeted system.