An out-of-bounds read was discovered in the WebRTC component of Google Chrome on macOS, affecting all builds prior to version 148.0.7778.216. The flaw allows a remote attacker to retrieve potentially sensitive data from the browser process memory by serving a specially crafted HTML page. This vulnerability is classified as CWE-125, where incorrect bounds checking permits reading memory outside of the intended buffer, leading to disclosure of confidential information. The compromised data may include user credentials, session tokens or other private data held in memory, thereby compromising confidentiality and potentially enabling further attacks.

The vulnerability impacts Google Chrome running on macOS. All installations of Chrome released before the 148.0.7778.216 build are susceptible, regardless of update channel. Users of the stable channel and elevated privilege versions are affected until they upgrade to a corrected build.

Chromium rates the problem with a CVSS score of 6.5, indicating moderate risk. The exploit requires a crafted HTML page delivered to the victim’s browser, so the attack vector is remote over HTTP/HTTPS. The EPSS score is less than 1%, suggesting a very low predicted exploitation probability, and the vulnerability is not listed in CISA’s KEV catalog. Nevertheless, the flaw enables memory disclosure and could be leveraged in conjunction with other weaknesses to facilitate credential theft or further compromise. As the issue arises from untrusted web content, any user who downloads or views malicious pages in Chrome on macOS could be affected.