{"id":48017,"date":"2026-06-12T10:26:34","date_gmt":"2026-06-12T03:26:34","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=48017"},"modified":"2026-06-18T10:27:46","modified_gmt":"2026-06-18T03:27:46","slug":"cisa-canh-bao-lo-hong-zero-day-tren-chromium-dang-bi-khai-thac-thuc-te","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/cisa-canh-bao-lo-hong-zero-day-tren-chromium-dang-bi-khai-thac-thuc-te\/","title":{"rendered":"CISA c\u1ea3nh b\u00e1o l\u1ed7 h\u1ed5ng zero-day tr\u00ean Chromium \u0111ang b\u1ecb khai th\u00e1c th\u1ef1c t\u1ebf"},"content":{"rendered":"<div><b>C\u01a1 quan An ninh C\u01a1 s\u1edf h\u1ea1 t\u1ea7ng v\u00e0 An ninh m\u1ea1ng Hoa K\u1ef3 (CISA) v\u1eeba ph\u00e1t \u0111i c\u1ea3nh b\u00e1o kh\u1ea9n c\u1ea5p v\u1ec1 l\u1ed7 h\u1ed5ng zero-day CVE-2026-11645 trong Chromium, n\u1ec1n t\u1ea3ng tr\u00ecnh duy\u1ec7t \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng b\u1edfi Google Chrome, Microsoft Edge, Opera v\u00e0 nhi\u1ec1u s\u1ea3n ph\u1ea9m kh\u00e1c. L\u1ed7 h\u1ed5ng hi\u1ec7n \u0111\u00e3 b\u1ecb khai th\u00e1c ngo\u00e0i th\u1ef1c t\u1ebf, l\u00e0m d\u1ea5y l\u00ean lo ng\u1ea1i v\u1ec1 nguy c\u01a1 t\u1ea5n c\u00f4ng di\u1ec7n r\u1ed9ng.<\/b><br \/>\n\u200b<\/div>\n<div>\n<div class=\"bbImageWrapper  js-lbImage\" title=\"CVE-2026-11645.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/cve-2026-11645-png.19138\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\"><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"CVE-2026-11645.png\" src=\"https:\/\/whitehat.vn\/attachments\/cve-2026-11645-png.19138\/\" alt=\"CVE-2026-11645.png\" width=\"700\" height=\"390\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<\/div>\n<div>\nCVE-2026-11645 n\u1eb1m trong V8, b\u1ed9 m\u00e1y JavaScript \u0111\u00f3ng vai tr\u00f2 trung t\u00e2m c\u1ee7a Chromium. L\u1ed7 h\u1ed5ng b\u1eaft ngu\u1ed3n t\u1eeb l\u1ed7i truy c\u1eadp b\u1ed9 nh\u1edb ngo\u00e0i ph\u1ea1m vi cho ph\u00e9p, \u0111\u01b0\u1ee3c ph\u00e2n lo\u1ea1i l\u00e0 CWE-125 (Out-of-Bounds Read) v\u00e0 CWE-787 (Out-of-Bounds Write), khi\u1ebfn tr\u00ecnh duy\u1ec7t c\u00f3 th\u1ec3 \u0111\u1ecdc ho\u1eb7c ghi d\u1eef li\u1ec7u v\u01b0\u1ee3t qu\u00e1 v\u00f9ng nh\u1edb \u0111\u01b0\u1ee3c c\u1ea5p ph\u00e1t. D\u1ea1ng l\u1ed7i n\u00e0y th\u01b0\u1eddng d\u1eabn \u0111\u1ebfn t\u00ecnh tr\u1ea1ng h\u1ecfng b\u1ed9 nh\u1edb v\u00e0 t\u1eeb l\u00e2u \u0111\u00e3 \u0111\u01b0\u1ee3c c\u00e1c nh\u00f3m t\u1ea5n c\u00f4ng \u01b0a chu\u1ed9ng do c\u00f3 th\u1ec3 b\u1ecb l\u1ee3i d\u1ee5ng \u0111\u1ec3 th\u1ef1c thi m\u00e3 t\u00f9y \u00fd.<\/p>\n<p>M\u1ee9c \u0111\u1ed9 r\u1ee7i ro c\u1ee7a CVE-2026-11645 \u0111\u01b0\u1ee3c \u0111\u00e1nh gi\u00e1 l\u00e0 r\u1ea5t cao do ph\u01b0\u01a1ng th\u1ee9c k\u00edch ho\u1ea1t \u0111\u01a1n gi\u1ea3n. Tin t\u1eb7c c\u00f3 th\u1ec3 th\u1ef1c thi m\u00e3 t\u1eeb xa ch\u1ec9 b\u1eb1ng c\u00e1ch d\u1eabn d\u1ee5 ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp v\u00e0o m\u1ed9t trang HTML \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1ed9c h\u1ea1i. D\u00f9 ban \u0111\u1ea7u ch\u1ec9 b\u1ecb gi\u1edbi h\u1ea1n trong sandbox c\u1ee7a tr\u00ecnh duy\u1ec7t, c\u00e1c nh\u00f3m tin t\u1eb7c tinh vi ho\u00e0n to\u00e0n c\u00f3 th\u1ec3 k\u1ebft h\u1ee3p l\u1ed7 h\u1ed5ng n\u00e0y v\u1edbi c\u00e1c chu\u1ed7i khai th\u00e1c kh\u00e1c \u0111\u1ec3 tho\u00e1t kh\u1ecfi sandbox v\u00e0 x\u00e2m nh\u1eadp s\u00e2u h\u01a1n v\u00e0o h\u1ec7 th\u1ed1ng m\u00e1y t\u00ednh.<\/p>\n<p>Nguy c\u01a1 t\u1eeb CVE-2026-11645 kh\u00f4ng ch\u1ec9 d\u1eebng l\u1ea1i \u1edf Google Chrome. Do Chromium l\u00e0 n\u1ec1n t\u1ea3ng c\u1ee7a nhi\u1ec1u tr\u00ecnh duy\u1ec7t ph\u1ed5 bi\u1ebfn, ph\u1ea1m vi \u1ea3nh h\u01b0\u1edfng c\u1ee7a l\u1ed7 h\u1ed5ng tr\u1ea3i r\u1ed9ng tr\u00ean h\u00e0ng tri\u1ec7u thi\u1ebft b\u1ecb c\u00e1 nh\u00e2n v\u00e0 h\u1ec7 th\u1ed1ng doanh nghi\u1ec7p. \u0110i\u1ec1u n\u00e0y khi\u1ebfn vi\u1ec7c c\u1eadp nh\u1eadt b\u1ea3n v\u00e1 tr\u1edf th\u00e0nh y\u00eau c\u1ea7u c\u1ea5p thi\u1ebft \u0111\u1ed1i v\u1edbi c\u00e1c t\u1ed5 ch\u1ee9c v\u1eadn h\u00e0nh h\u1ea1 t\u1ea7ng CNTT quy m\u00f4 l\u1edbn.<\/p>\n<p>CISA y\u00eau c\u1ea7u c\u00e1c c\u01a1 quan li\u00ean bang M\u1ef9 ho\u00e0n t\u1ea5t vi\u1ec7c kh\u1eafc ph\u1ee5c tr\u01b0\u1edbc ng\u00e0y 23\/6\/2026 theo ch\u1ec9 th\u1ecb BOD 22-01. C\u01a1 quan n\u00e0y c\u0169ng khuy\u1ebfn ngh\u1ecb c\u00e1c t\u1ed5 ch\u1ee9c tri\u1ec3n khai ngay c\u00e1c b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt do nh\u00e0 cung c\u1ea5p ph\u00e1t h\u00e0nh, \u0111\u1ed3ng th\u1eddi t\u0103ng c\u01b0\u1eddng gi\u00e1m s\u00e1t ho\u1ea1t \u0111\u1ed9ng tr\u00ecnh duy\u1ec7t, \u00e1p d\u1ee5ng gi\u1ea3i ph\u00e1p EDR v\u00e0 h\u1ea1n ch\u1ebf truy c\u1eadp c\u00e1c website kh\u00f4ng \u0111\u00e1ng tin c\u1eady.<\/p>\n<p>Tr\u01b0\u1edbc t\u00ecnh h\u00ecnh khai th\u00e1c di\u1ec5n ra li\u00ean t\u1ee5c, c\u00e1c chuy\u00ean gia an ninh m\u1ea1ng khuy\u1ebfn ngh\u1ecb c\u00e1c t\u1ed5 ch\u1ee9c v\u00e0 ng\u01b0\u1eddi d\u00f9ng c\u1ea7n \u00e1p d\u1ee5ng ngay c\u00e1c b\u1ea3n v\u00e1 do nh\u00e0 cung c\u1ea5p ph\u00e1t h\u00e0nh. N\u1ebfu b\u1ea3n v\u00e1 ch\u01b0a s\u1eb5n s\u00e0ng, ng\u01b0\u1eddi d\u00f9ng n\u00ean t\u1ea1m ng\u1eebng s\u1eed d\u1ee5ng c\u00e1c s\u1ea3n ph\u1ea9m b\u1ecb \u1ea3nh h\u01b0\u1edfng cho \u0111\u1ebfn khi b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt ch\u00ednh th\u1ee9c \u0111\u01b0\u1ee3c tung ra.<\/p>\n<p>B\u00ean c\u1ea1nh vi\u1ec7c c\u1eadp nh\u1eadt ph\u1ea7n m\u1ec1m, c\u00e1c t\u1ed5 ch\u1ee9c c\u1ea7n t\u0103ng c\u01b0\u1eddng gi\u00e1m s\u00e1t ho\u1ea1t \u0111\u1ed9ng b\u1ea5t th\u01b0\u1eddng c\u1ee7a tr\u00ecnh duy\u1ec7t, th\u1ef1c thi ch\u00ednh s\u00e1ch qu\u1ea3n l\u00fd b\u1ea3n v\u00e1 nghi\u00eam ng\u1eb7t v\u00e0 tri\u1ec3n khai c\u00e1c gi\u1ea3i ph\u00e1p ph\u00e1t hi\u1ec7n v\u00e0 ph\u1ea3n \u1ee9ng \u0111i\u1ec3m cu\u1ed1i (EDR). Vi\u1ec7c h\u1ea1n ch\u1ebf ng\u01b0\u1eddi d\u00f9ng ti\u1ebfp x\u00fac v\u1edbi c\u00e1c trang web kh\u00f4ng \u0111\u00e1ng tin c\u1eady v\u00e0 v\u00f4 hi\u1ec7u h\u00f3a c\u00e1c t\u00ednh n\u0103ng tr\u00ecnh duy\u1ec7t kh\u00f4ng c\u1ea7n thi\u1ebft c\u0169ng l\u00e0 nh\u1eefng bi\u1ec7n ph\u00e1p hi\u1ec7u qu\u1ea3 gi\u00fap gi\u1ea3m thi\u1ec3u r\u1ee7i ro b\u1ecb t\u1ea5n c\u00f4ng.\u200b<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>C\u01a1 quan An ninh C\u01a1 s\u1edf h\u1ea1 t\u1ea7ng v\u00e0 An ninh m\u1ea1ng Hoa K\u1ef3 (CISA) v\u1eeba ph\u00e1t \u0111i c\u1ea3nh b\u00e1o kh\u1ea9n c\u1ea5p v\u1ec1 l\u1ed7 h\u1ed5ng zero-day CVE-2026-11645 trong Chromium, n\u1ec1n t\u1ea3ng tr\u00ecnh duy\u1ec7t \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng b\u1edfi Google Chrome, Microsoft Edge, Opera v\u00e0 nhi\u1ec1u s\u1ea3n ph\u1ea9m kh\u00e1c. L\u1ed7 h\u1ed5ng hi\u1ec7n \u0111\u00e3 b\u1ecb khai th\u00e1c ngo\u00e0i [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":48018,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-48017","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48017","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=48017"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48017\/revisions"}],"predecessor-version":[{"id":48019,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48017\/revisions\/48019"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/48018"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=48017"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=48017"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=48017"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}