CVE-2024-11115 Overview
CVE-2024-11115 is a privilege escalation vulnerability in Google Chrome on iOS caused by insufficient policy enforcement in the browser's Navigation component. The flaw affects Chrome on iOS versions prior to 131.0.6778.69. A remote attacker can exploit the issue by tricking a user into performing a series of user interface (UI) gestures, allowing the attacker to escalate privileges within the browser context. Chromium classifies the security severity as Medium, while the NVD assigns a higher CVSS rating reflecting the network attack vector and high impact on confidentiality, integrity, and availability.
Critical Impact
A remote attacker can achieve privilege escalation in Chrome on iOS through crafted web content combined with user-driven UI gestures.
Affected Products
- Google Chrome on iOS prior to 131.0.6778.69
- Apple iPhone OS (as the host platform for the affected Chrome build)
- Any iOS deployments distributing Chrome below the patched version
Discovery Timeline
- 2024-11-12 - CVE-2024-11115 published to the National Vulnerability Database (NVD)
- 2025-01-02 - Last updated in the NVD
Technical Details for CVE-2024-11115
Vulnerability Analysis
The vulnerability resides in Chrome's Navigation logic on iOS. Chrome on iOS is built on top of Apple's WebKit and inherits navigation policy responsibilities from the embedding browser layer. The flaw stems from insufficient enforcement of navigation policy when the browser transitions between pages or contexts in response to user gestures.
An attacker hosting malicious web content can chain together legitimate-looking navigation events and UI interactions to bypass intended security boundaries. The CWE mapping includes CWE-79, indicating that improper neutralization of web content contributes to the exploitation path. Successful exploitation yields elevated privileges inside the browser, enabling actions that should otherwise require stronger user consent or origin separation.
Root Cause
The root cause is missing or insufficient policy checks in the iOS-specific Navigation code path. When a sequence of navigations and gestures occurs, the browser does not consistently validate that each transition respects the security policy of the originating context, allowing privilege boundaries to be crossed.
Attack Vector
Exploitation requires network access and user interaction. The attacker lures a victim to attacker-controlled content in Chrome for iOS and induces the user to perform specific taps or gestures. No prior authentication is required. Because the trigger relies on gestures rather than memory corruption, no exploitation code is publicly documented for this issue.
// No public proof-of-concept code is available for CVE-2024-11115.
// Exploitation depends on a crafted page combined with a specific
// sequence of user-initiated UI gestures in Chrome on iOS.
Detection Methods for CVE-2024-11115
Indicators of Compromise
- Chrome for iOS clients reporting a version string below 131.0.6778.69 in browser telemetry or user-agent logs
- Unexpected navigation chains in web proxy logs showing rapid cross-origin redirects tied to a single user session
- User reports of unintended permission prompts, popups, or page transitions on iOS devices
Detection Strategies
- Inventory Chrome on iOS versions across managed mobile fleets and flag any below 131.0.6778.69
- Monitor mobile device management (MDM) telemetry for app version compliance with the patched Chrome release
- Correlate web gateway logs for suspicious redirect patterns originating from iOS Chrome user agents
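The version and redirect checks listed above can be run over web gateway logs as follows. This is an added example, not code from the advisory or from any vendor tool. The log layout, the sample lines, and the `window` and `min_hosts` thresholds are assumptions; `CriOS/` is the product token Chrome for iOS sends in its user agent.

```python
import re
from collections import defaultdict

PATCHED = (131, 0, 6778, 69)  # fixed Chrome for iOS build from the advisory
CRIOS = re.compile(r"\bCriOS/(\d+)\.(\d+)\.(\d+)\.(\d+)")  # Chrome for iOS UA token
LINE = re.compile(r'^(\d+) (\S+) (\d{3}) (\S+) "([^"]*)"$')  # assumed log layout

# Constructed sample data: epoch client status host "user-agent"
UA = ('"Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 '
      '(KHTML, like Gecko) CriOS/{} Mobile/15E148 Safari/604.1"')
SAMPLE_LOG = "\n".join([
    "1731400000 10.0.0.5 302 a.example " + UA.format("130.0.6000.1"),
    "1731400001 10.0.0.5 302 b.example " + UA.format("130.0.6000.1"),
    "1731400002 10.0.0.5 302 c.example " + UA.format("130.0.6000.1"),
    "1731400010 10.0.0.7 302 a.example " + UA.format("131.0.6778.68"),
    "1731400020 10.0.0.9 302 a.example " + UA.format("131.0.6778.100"),
    "1731400021 10.0.0.9 302 b.example " + UA.format("131.0.6778.100"),
    "1731400022 10.0.0.9 302 c.example " + UA.format("131.0.6778.100"),
])

def parse(log):
    """Yield (ts, client, status, host, version tuple or None) per well-formed line."""
    for m in filter(None, map(LINE.match, log.splitlines())):
        v = CRIOS.search(m.group(5))
        ver = tuple(map(int, v.groups())) if v else None
        yield int(m.group(1)), m.group(2), int(m.group(3)), m.group(4), ver

def outdated_clients(log):
    """Map client -> lowest Chrome for iOS version seen below the patched build."""
    found = {}
    for _, client, _, _, ver in parse(log):
        if ver and ver < PATCHED:  # tuple compare is numeric, so .100 > .69
            found[client] = min(ver, found.get(client, ver))
    return {c: ".".join(map(str, v)) for c, v in found.items()}

def redirect_bursts(log, window=5, min_hosts=3):
    """Outdated clients whose 3xx responses span >= min_hosts hosts in window seconds."""
    hits = defaultdict(list)
    for ts, client, status, host, ver in parse(log):
        if ver and ver < PATCHED and 300 <= status < 400:
            hits[client].append((ts, host))
    flagged = set()
    for client, events in hits.items():
        for start, _ in events:
            hosts = {h for t, h in events if 0 <= t - start <= window}
            if len(hosts) >= min_hosts:
                flagged.add(client)
    return sorted(flagged)
```

A redirect burst is only a triage signal; the version check is the authoritative exposure test.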
Monitoring Recommendations
- Continuously track Chrome iOS version distribution and alert on drift from the patched baseline
- Review browser-related incident reports from iOS users, focusing on unexpected UI behavior or privilege prompts
- Subscribe to the Google Chrome Releases blog for ongoing advisories
How to Mitigate CVE-2024-11115
Immediate Actions Required
- Update Chrome on iOS to version 131.0.6778.69 or later on all managed and personal devices
- Push the update through MDM where possible to enforce a minimum Chrome version policy
- Notify users to manually update Chrome via the App Store if MDM enforcement is not available
Patch Information
Google addressed CVE-2024-11115 in Chrome for iOS 131.0.6778.69. Details are documented in the Google Chrome Release Update and the corresponding Chromium Issue Tracker Entry. Apply the update through the iOS App Store or an enterprise mobile management workflow.
Workarounds
- Restrict use of Chrome on iOS until the patched build is installed, defaulting to an alternative managed browser
- Educate users to avoid following unsolicited links and performing UI gestures requested by untrusted sites
- Enforce browser version compliance policies via MDM, blocking access to corporate resources from outdated Chrome iOS clients
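# Example MDM compliance check: flag Chrome iOS builds below the patched version
# mdm_query stands in for whatever inventory command your MDM provides
MIN_VERSION="131.0.6778.69"
INSTALLED_VERSION="$(mdm_query --app com.google.chrome.ios --field version)"
if [ -z "$INSTALLED_VERSION" ]; then
    # An empty result would otherwise sort first and be reported as outdated
    echo "Unknown: no Chrome iOS version reported"
elif [ "$(printf '%s\n%s\n' "$MIN_VERSION" "$INSTALLED_VERSION" | sort -V | head -n1)" != "$MIN_VERSION" ]; then
    echo "Non-compliant: Chrome iOS $INSTALLED_VERSION < $MIN_VERSION"
fi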


