Google Chrome WebRTC Zero-Day Faces Active Exploitation


According to the Internet giant, a zero-day security flaw in Google Chrome for Android is currently being actively used in the field.

A high-severity heap-buffer overflow flaw in WebRTC (identified as CVE-2022-2294) is the problem. Websites may now play real-time audio and video content inside browsers thanks to the HTML5 standard known as WebRTC. According to Google’s advisory on the problem, “an attack for CVE-2022-2294 exists in the wild.” Read More…