Vulnerability in Tencent WeChat custom browser could lead to remote code execution

  • Certain versions of WeChat, a popular messaging app created by tech giant Tencent, contain a type confusion vulnerability that could allow an adversary to execute remote code. 
  • While this issue, CVE-2023-3420, was disclosed and patched in the V8 engine in June 2023, the WeChat Webview component was not updated,

This article has been indexed from Cisco Talos Blog

Read the original article: