The Indian Computer Emergency Response Team (CERT-In), which falls under the Ministry of Electronics & Information Technology, has issued a warning about vulnerabilities in Google Chrome and Siemens products. These vulnerabilities could potentially allow an attacker to execute arbitrary code on the targeted system.
The affected versions of Google Chrome are those prior to 125.0.6422.112/.113 for Windows and Mac, and versions before 125.0.6422.112 for Linux.
The impacted Siemens products include Parasolid, SIMATIC RTLS, Simcenter Nastran, SIMATIC CN 4100, RUGGEDCOM, Solid Edge, Teamcenter Visualization, JT2Go, CPC80, CPCI85, and six others.
"A vulnerability has been reported in Google Chrome for Desktop which could be exploited by a remote attacker to execute arbitrary code on the targeted system," said the CERT-In advisory.
The 'Remote Code Execution' vulnerability exists in Google Chrome for Desktop due to the 'Type Confusion' flaw in V8. An attacker could exploit this vulnerability by sending a specially crafted request.
Moreover, the cyber agency said that the multiple vulnerabilities reported in Siemens Products could allow an attacker to execute arbitrary code, escalate privileges, or perform denial of service (DoS) conditions on the targeted system.
How to protect yourself
The agency suggested users apply appropriate security updates as mentioned by the companies.
Meanwhile, In the first quarter of this year (January-March period), nearly one in four Indians experienced hacking attacks. A report released on Friday indicated that malware continues to be a significant cyber threat. According to quarterly data from the global security company Kaspersky, 22.9 percent of web users in the country were targeted by web-borne threats. Additionally, about 20.1 percent of users were susceptible to local threats during the same period.
"Malware remains a major threat to the users in India. Targeted malware attacks continue to be a major source of worry for organisations and users alike," said the company.
Cybercriminals exploited the vulnerabilities in the browsers and their plugins.
"File-less malware is being seen as the most dangerous web threat this quarter since it does not leave any trace for static analysis of the attack," the findings showed.
ALSO READ: Government issues warning to Android smartphone users, personal data at risk: Here's why
Inputs from IANS
