January 14, 2025

CVE-2024-12381-12382


Lookout Coverage and Recommendation for Admins

To ensure your devices are protected, Lookout admins should take the following steps in their Lookout console:

  • Enable the Application Vulnerability policy, which detects when a vulnerable app version is present on the device.
  • Lookout will publish the coverage on January 9th 2025, after which alerts will be generated based on the admin's risk, response, and escalation setup. All of the mentioned CVEs are detected by the same coverage, listed below:
    • MultiApp-MultiCVE-2024-12381-12382 - any device with a vulnerable browser version (below the reported fixed versions, Chrome 131.0.6778.135 or Edge 131.0.2903.101) will receive an alert if detected after that date.
  • Enable Lookout Phishing & Content Protection (PCP) to protect mobile users from malicious phishing campaigns built to exploit these vulnerabilities in order to phish credentials or deliver malicious apps to the device.
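The coverage above is essentially a version check: flag any device whose Chrome or Edge build is below the fixed version. The following is an added illustration of that check, not Lookout's code or the console's own logic. The inventory format, the Android package names used to identify each browser, and the sample versions are assumptions constructed for the example; the fixed versions and the coverage name are the ones stated in this guidance.

```python
"""
Added example (not Lookout's code): flag devices whose installed mobile browser
version is below the fixed versions named in this guidance.

Assumptions (not from the guidance): the inventory record shape, the package
names that identify Chrome and Edge, and all sample version numbers.
"""
from dataclasses import dataclass
import re

# Fixed versions stated in the guidance; anything lower is treated as vulnerable.
FIXED_VERSIONS = {
    "chrome": "131.0.6778.135",
    "edge": "131.0.2903.101",
}

# Assumed mapping from Android package identifier to browser family.
PACKAGE_TO_BROWSER = {
    "com.android.chrome": "chrome",
    "com.microsoft.emmx": "edge",
}

# Coverage name as listed in the guidance.
COVERAGE_NAME = "MultiApp-MultiCVE-2024-12381-12382"


@dataclass
class InstalledApp:
    """One row of a constructed device inventory."""
    device_id: str
    package: str
    version: str


def parse_version(version: str) -> tuple:
    """Turn '131.0.6778.135' into (131, 0, 6778, 135) so components compare
    numerically; a plain string comparison would rank '...99' above '...101'."""
    parts = re.findall(r"\d+", version)
    if not parts:
        raise ValueError(f"unparseable version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(browser: str, version: str) -> bool:
    """True when the installed version sorts below the fixed version."""
    installed = parse_version(version)
    fixed = parse_version(FIXED_VERSIONS[browser])
    # Pad the shorter tuple with zeros so '131.0' compares as '131.0.0.0'.
    width = max(len(installed), len(fixed))
    installed += (0,) * (width - len(installed))
    fixed += (0,) * (width - len(fixed))
    return installed < fixed


def find_alerts(inventory):
    """Return one alert record per device running a vulnerable tracked browser."""
    alerts = []
    for app in inventory:
        browser = PACKAGE_TO_BROWSER.get(app.package)
        if browser is None:
            continue  # not a browser this coverage tracks
        if is_vulnerable(browser, app.version):
            alerts.append({
                "device_id": app.device_id,
                "coverage": COVERAGE_NAME,
                "package": app.package,
                "installed": app.version,
                "fixed": FIXED_VERSIONS[browser],
            })
    return alerts


# Constructed sample inventory; the version strings are illustrative only.
SAMPLE_INVENTORY = [
    InstalledApp("dev-001", "com.android.chrome", "131.0.6778.104"),  # below fix
    InstalledApp("dev-002", "com.android.chrome", "131.0.6778.135"),  # at fix
    InstalledApp("dev-003", "com.microsoft.emmx", "131.0.2903.99"),   # below fix
    InstalledApp("dev-004", "com.microsoft.emmx", "132.0.2957.53"),   # newer
    InstalledApp("dev-005", "com.example.notes", "1.2.3"),            # untracked app
]

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_INVENTORY):
        print(alert)
```

The numeric tuple comparison matters: dev-003 runs Edge 131.0.2903.99, which a naive string comparison would treat as newer than 131.0.2903.101 and silently miss. Running the block reports dev-001 and dev-003 only.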

Overview 

Google has recently disclosed a set of high-severity vulnerabilities affecting Chromium-based web browsers, including Google Chrome. The Chromium vulnerabilities are tracked as CVE-2024-12381 and CVE-2024-12382. Both are memory safety issues that could allow an attacker to exploit heap corruption via a crafted HTML page. CVE-2024-12381 is a type confusion vulnerability in the Chromium V8 engine, and CVE-2024-12382 is a use-after-free vulnerability affecting the Translate component of Google Chrome.

Lookout Analysis

Vulnerabilities like these can have an outsized impact on mobile fleets, especially when they exist in everyday apps such as mobile browsers. In addition to gaining remote access to vulnerable devices, successful browser exploits also frequently grant the attacker the same permissions the browser holds.

Each of the disclosed vulnerabilities can be exploited via a maliciously crafted webpage, which means attackers can deliver them as URLs in the same way they deliver phishing attacks on mobile. They would likely socially engineer an individual through SMS, iMessage, WhatsApp, Telegram, Instagram, LinkedIn, or any of the countless messaging and social media apps on mobile devices. A successful attack could lead to continued data leakage and risk for enterprise organizations.

Authors

Lookout

Cloud & Endpoint Security

Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves.

Threat Type: Vulnerability
Entry Type: Threat Guidances
