Type Confusion RCE in Google Chrome V8
CVE-2024-4947 is a high-severity type confusion vulnerability in the V8 JavaScript engine of Google Chrome, located in the Maglev optimizing compiler. It affects Chrome versions prior to 125.0.6422.60 and is triggered by a specially crafted HTML page. The root cause was a missing check when storing to module exports, which leads to memory corruption and type confusion. In observed exploitation, attackers used the bug to obtain arbitrary read and write access to Chrome process memory from JavaScript, giving remote code execution inside the Chrome sandbox (escaping the sandbox is a separate step that this CVE alone does not provide).
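The one number a defender needs from the paragraph above is the first fixed build, 125.0.6422.60. The following version check is an added example, not code from this page or from any repository it references: it pulls the dotted version out of a `google-chrome --version` banner and compares it component by component against the fixed build in plain POSIX sh. The function names are mine, and the banner strings in the demo are constructed rather than captured from a real host.

```shell
#!/bin/sh
# Added example: is this Chrome build older than the first fixed build
# for CVE-2024-4947? Plain POSIX sh, no tools beyond the shell itself.
# Function names are hypothetical; the fixed version is from the advisory.

FIXED_VERSION="125.0.6422.60"

# version_lt A B: return 0 when dotted version A is numerically older
# than B, comparing component by component. Missing trailing components
# count as 0, so "125.0" sorts before "125.0.6422.60". Equal versions return 1.
version_lt() {
    lhs=$1
    rhs=$2
    while [ -n "$lhs" ] || [ -n "$rhs" ]; do
        l=${lhs%%.*}
        r=${rhs%%.*}
        # Consume the component just compared; empty the string on the last one.
        case $lhs in *.*) lhs=${lhs#*.} ;; *) lhs= ;; esac
        case $rhs in *.*) rhs=${rhs#*.} ;; *) rhs= ;; esac
        l=${l:-0}
        r=${r:-0}
        if [ "$l" -lt "$r" ]; then return 0; fi
        if [ "$l" -gt "$r" ]; then return 1; fi
    done
    return 1
}

# is_affected VERSION: 0 = older than the fix (affected), 1 = fixed build,
# 2 = not a dotted numeric version (never silently treat junk as safe).
is_affected() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 2 ;;
    esac
    if version_lt "$1" "$FIXED_VERSION"; then
        return 0
    fi
    return 1
}

# version_from_banner "Google Chrome 124.0.6367.201": print the first word
# that looks like a four-part version; return 1 if the banner has none.
version_from_banner() {
    for word in $1; do
        case $word in
            [0-9]*.[0-9]*.[0-9]*.[0-9]*)
                printf '%s\n' "$word"
                return 0
                ;;
        esac
    done
    return 1
}

# report BANNER: print a verdict for one banner line; exit status is the
# is_affected code (0 affected, 1 fixed, 2 unparseable/no version).
report() {
    ver=$(version_from_banner "$1") || { echo "no version found in: $1"; return 2; }
    rc=0
    is_affected "$ver" || rc=$?
    case $rc in
        0) echo "$ver: AFFECTED (older than $FIXED_VERSION)" ;;
        1) echo "$ver: fixed build" ;;
        *) echo "$ver: unparseable version" ;;
    esac
    return $rc
}

# Demo on constructed banners (not captured from a real host). On a real
# system run:  report "$(google-chrome --version 2>/dev/null)"
demo() {
    report "Google Chrome 124.0.6367.201" || :
    report "Google Chrome 125.0.6422.60" || :
}
demo
```

The strict parse in `is_affected` is deliberate: a beta or distro-suffixed version string such as `125.0.6422.60-beta` returns 2 rather than being compared, so an inventory script cannot mark an unknown build as patched by accident. Chromium-based browsers that embed the same V8 build carry their own version numbers, so this comparison only applies to the Google Chrome build string.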
Exploits
One public exploit repository is tracked for this CVE (fakes, detection-only scripts, and README-only repositories excluded).
This repository provides a detailed analysis and multiple proof-of-concept (PoC) exploits for CVE-2024-4947. It contains an in-depth markdown analysis (Analysis.md), a README with reproduction and reference information, and several JavaScript modules under PoCs/Modified and PoCs/Original. The main exploit (PoCs/Modified/Exploit2.mjs) builds arbitrary memory read/write primitives by reassigning an object's hash and exploiting the resulting type confusion, specifically by corrupting the length field of a JSArray to obtain out-of-bounds access. Other PoCs illustrate related steps, such as controlling the hash of JSModuleNamespace objects and triggering memory corruption via FinalizationRegistry. The code targets the V8 d8 shell and requires specific build and runtime flags; it was written against V8 version 12.4.254.16 on Linux. The repository provides working exploitation primitives but not a fully weaponized exploit chain.
Affected products & vendors
Affected product: Google Chrome, versions prior to 125.0.6422.60. The underlying bug is in V8, and the fix landed in Chromium.
Recent activity
Six sources tracked across advisories, community write-ups, and news.
A type confusion vulnerability in Google Chrome's V8 JavaScript engine exploited by North Korean threat actors to deliver a custom backdoor (Manuscrypt/Manyscrypt) to cryptocurrency targets via a malicious website.
A V8 type confusion vulnerability in Chromium patched in 2024, mentioned as one of several V8 vulnerabilities exploited in the wild that year.
A type confusion vulnerability in Google Chrome's V8 engine that allows remote code execution within the browser sandbox via a crafted HTML page. Affects Chrome versions prior to 125.0.6422.60.
A zero-day vulnerability in Google Chrome's V8 Maglev compiler caused by a missing check when storing to module exports, enabling type confusion, memory corruption, and remote code execution in the Chrome process via a malicious website.