CVE-2020-6417 — Google Chrome vulnerability

7 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 77.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Debian Chromium Google Chrome Chrome

Timeline

PublishedFeb 11

Latest updateMay 24

Description

Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5google/chromeunspecified — 80.0.3987.87

▶NVDgoogle/chrome< 80.0.3987.87

▶googlegoogle/chrome_chrome

▶debiandebian/chromium

🔴Vulnerability Details

GHSA

GHSA-v7x5-7rf4-h5f6: Inappropriate implementation in installer in Google Chrome prior to 80↗2022-05-24

▶

OSV

CVE-2020-6417: Inappropriate implementation in installer in Google Chrome prior to 80↗2020-02-11

▶

📋Vendor Advisories

Red Hat

chromium-browser: Inappropriate implementation in installer↗2020-02-04

▶

Chrome

Stable Channel Update for Desktop: CVE-2020-6417↗2020-02-04

▶

Debian

CVE-2020-6417: chromium - Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87...↗2020

▶

💬Community

Bugzilla

CVE-2020-6417 chromium-browser: Inappropriate implementation in installer↗2020-02-10

▶