Rule Category

BROWSER-CHROME -- Snort has detected suspicious traffic known to exploit vulnerabilities present in the Chrome browser. These rules are separate from the "browser-webkit" category; while it uses the Webkit rendering engine, there's a lot of other features to create a secondary Chrome category.

Alert Message

BROWSER-CHROME Google Chrome desktopMediaPickerController use after free attempt

Rule Explanation

Rule tries to catch exploit attempt for CVE-2019-13767 using the content present in publicly available proof of concept javascript code

What To Look For

Attacker tries to exploit CVE-2019-13767 with crafted malicious javascript code

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic: Execution

Technique: Compiled HTML File

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

Additional Links

Rule Vulnerability

CVE Additional Information