CVE-2023-4762
ENISA EUVD: EUVD-2023-54609 ↗
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 3, 2026
9 articles
Published: 2023-09-05
EPSS Score
Source: FIRST.org · 2026-05-23
55.8%
probability
This CVE has a 55.8% probability
of being exploited in the next 30 days.
0%
Top 98.1th percentile of all CVEs
100%
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)8.8
HIGH
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description
VulnerabilityLookup (CNA)Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Affected Products
Google
Chrome
116.0.5845.179
Attack Intelligence
Google Project Zero
Discovered
Aug. 16, 2023
Patched
Sept. 5, 2023
Reported by
???
Root Cause Analysis
???
Exploits & PoC
24
2023-09-27
0
2023-09-27
2 repos — triés par ⭐
Rechercher sur GitHub ↗
Signal Intelligence
Confidence
92%
EPSS
55.8%
CVSS v3.1
8.8
Mentions
9
Last Seen
Jan 16, 2024
CNA Information
CNA Assigner
Chrome
Analyst Note
CVE-2023-4762 is confirmed as an actively exploited zero-day in Chrome with a HIGH CVSS score (8.8) and remote code execution capability. Evidence of real-world exploitation is documented in multiple security publications, confirming this is not a theoretical vulnerability but one actively leveraged in attacks.
Threat Actors 6
APT 28
apt_group
Information theft and espionage
🇷🇺 RU
Infy
apt_group
Information theft and espionage
🇮🇷 IR
APT24
apt_group
Information theft and espionage
🇨🇳 CN
UNC1549
apt_group
Information theft and espionage
🇮🇷 IR
PassCV
apt_group
Information theft and espionage
🇨🇳 CN
APT 5
apt_group
Information theft and espionage
🇨🇳 CN
Triage Info
Decided atMar 03, 2026
Published DateSep 05, 2023