vulnerability

Fortinet FortiClientEMS: CVE-2023-4863: Heap overflow in Chrome/libwebp

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jan 14, 2025	Jan 15, 2025	Aug 25, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jan 14, 2025

Added

Jan 15, 2025

Modified

Aug 25, 2025

Description

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

Solution

fortinet-forticlientems-upgrade-latest

References

CWE-787
CVE-2023-4863
https://attackerkb.com/topics/CVE-2023-4863
URL-https://nvd.nist.gov/vuln/detail/CVE-2023-4863
URL-https://www.wiz.io/blog/cve-2023-4863-and-cve-2023-5217-exploited-in-the-wild
URL-https://www.cve.org/CVERecord?id=CVE-2023-4863

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today