CVE-2023-21775: 
vulnerability analysis and mitigation

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability, identified as CVE-2023-21775, was disclosed in January 2023. The vulnerability affects Microsoft Edge (Chromium-based) versions up to (excluding) 109.0.1518.70 and the Extended Stable channel versions up to (excluding) 108.0.1462.95 (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 8.3 (HIGH) with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. This scoring indicates that the vulnerability is network-accessible, requires high attack complexity, needs no privileges, requires user interaction, and can result in high impacts to confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code on the affected system, potentially compromising the confidentiality, integrity, and availability of the system (MSRC).

Microsoft has released security updates to address this vulnerability. Users should upgrade to Microsoft Edge version 109.0.1518.70 or later for the regular channel, or version 108.0.1462.95 or later for the Extended Stable channel (NVD).