The researcher has published an RCE exploit for Chrome, Opera, Brave and other Chromium browsers
Indian researcher Rajvardhan Agarwal posted on Twitter the RCE exploit code for a recently discovered vulnerability affecting Chromium browsers including Chrome, Edge, Opera, Brave and others.
The researcher claims that this exploit was used to compromise Chrome and Edge in the recently concluded Pwn2Own competition by experts from the Dataflow Security team, who received $ 100,000 for demonstrating the bug. According to the rules of the competition, information about this error has not yet been released, but has been passed on to Google engineers so that they can fix the problem as soon as possible.
“Just here to drop a chrome 0day. Yes you read that right https://t.co/sKDKmRYWBP pic.twitter.com/PpVJrVitLR”, — Rajvardhan Agarwal wrote in Twitter.
Agarwal told The Record journalists that he found patches for this vulnerability by studying the source code of the V8 JavaScript engine, and this helped him recreate the exploit with Pwn2Own, which he eventually posted on GitHub.
Agarwal’s code allows a potential attacker to run malicious code on a user’s operating system, but the exploit must first exit the Chrome sandbox. That is, the attackers will need the first part of this chain of exploits, since 0-day in V8 is already the second phase of the attack.
At the same time, Agarwal warns that even in its current form, the exploit is dangerous for the built-in and headless versions of Chromium, in which the sandbox is not usually used.
Although the Chromium developers have already fixed the bug in V8, patches have not yet made it to the newest versions of Chromium browsers, which are still vulnerable to attacks.
Google is expected to release Chrome 90 this week, however it is unknown if this version will include the required patches.
Let me remind you that we wrote that the spring Pwn2Own 2021, the largest hacker competition, has ended: Windows 10, Ubuntu, Safari, Chrome and Zoom were hacked. In total, in three days, Pwn2Own members earned $1,210,000. Detailed results can be found on the Trend Micro Zero Day Initiative (ZDI) blog.