cbcvebase.
CVE-2020-16010
published 2020-11-03

Priority: P182, critical, 9.6 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
KEV: CISA Known Exploited Vulnerability, due 2022-05-03
ITW: Exploited in the wild
EPSS: 6.41% (92.8th percentile)

Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Affected

4 ranges
Vendor  Product        Version range                   Fixed in
debian  chromium
google  chrome         < 86.0.4240.185                 86.0.4240.185
google  chrome         >= unspecified < 86.0.4240.185  86.0.4240.185
google  chrome_chrome

Detection & IOCs (extracted from sources)

  • CVE-2020-16010 is confirmed exploited in the wild as a heap buffer overflow in Chrome for Android UI, enabling sandbox escape from a compromised renderer process via a crafted HTML page.
  • CVE-2020-16010 is part of an exploit chain: on Android it is chained with CVE-2020-15999 (Chrome FreeType heap buffer overflow). Detection should consider both CVEs being triggered together.
  • Vulnerable versions of Google Chrome for Android are prior to 86.0.4240.185. Flag devices running Chrome for Android below this version as at risk.
  • Exploitation requires the attacker to have already compromised the renderer process; this is a sandbox escape stage, not an initial access vector. Detection should account for a two-stage exploit chain.
  • The vulnerability is specific to Google Chrome on Android; Chrome on other platforms is not affected by this CVE.

CVSS provenance

nvd            v3.1  9.6  CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
nvd            v2.0  6.8  MEDIUM    AV:N/AC:M/Au:N/C:P/I:P/A:P
vulncheck            9.6  CRITICAL
cisa                 9.6  CRITICAL
vendor_debian        9.6  LOW