Researchers have found critical SQLite vulnerabilities ” Magellan 2.0″ in one of the known browser Google Chrome that can let hackers run remote code execution and exploit chromium render process.
Magellan 2.0 is a set of five vulnerabilities that are caused by improper input validation in SQL commands the SQLite database receives from a third-party. These vulnerabilities affect the versions of Chrome before 79.03945.79 with WebSQL enabled.
Tencent Blade Team first discovered the vulnerabilities and successfully tested the exploit on the Chrome and immediately reported it to the Google Team.
Attackers can take advantage of these vulnerabilities and can result in leaking program memory or causing program crashes.
These vulnerabilities named as following CVE:
CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753.
However, no evidence found that the vulnerabilities have been misused; neither any code of the exploit is publicly available
If your version of chrome is before 79 it is recommended to update the version of chrome. It will be the last vulnerability discovered in Google Chrome.
