Trellix is aware of CVE-2023-4863, recently disclosed by Google Chrome. This vulnerability is not restricted to Chrome; it is a buffer overflow vulnerability in the libwebp library which, depending on how it is implemented, could potentially lead to remote code execution in any application that consumes it.
It is recommended that customers upgrade to a Google Chrome version higher than 116.0.5845.187 and upgrade any other application that may be consuming the vulnerable libwebp library, per the application vendor's instructions. This is considered a high-severity vulnerability, with a CVSS (3.1) score of 8.8. You can see the threat vector on the NIST page for CVE-2023-4863.
Due to the severity of this vulnerability, Trellix has created KB96801 to provide communication on actions customers can take to mitigate risk in their environment. Customers are encouraged to subscribe to this article to receive updates pertaining to related coverage and countermeasures.