CVE-2022-2294
WebRTC Heap Buffer Overflow Vulnerability
CVSS
—
No CVSS
EPSS
70.5%
p99
KEV
YES
Aug 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
Product
WebRTC / WebRTC
Vulnerability
WebRTC Heap Buffer Overflow Vulnerability
Added to KEV
Aug 25, 2022
Remediate by
Sep 15, 2022
Known ransomware use
Yes
Summary description
WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.
Required action
Apply updates per vendor instructions.
Notes
https://groups.google.com/g/discuss-webrtc/c/5KBtZx2gvcQ; https://nvd.nist.gov/vuln/detail/CVE-2022-2294
No related CVEs by CWE or product.