Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools.
References
Link | Resource |
---|---|
https://issues.chromium.org/issues/b/399652193 | Broken Link |
https://issuetracker.google.com/issues/399652193 | Exploit Issue Tracking |
Configurations
History
02 Jul 2025, 18:23
Type | Values Removed | Values Added |
---|---|---|
First Time |
Google chrome Os
|
|
CPE | cpe:2.3:o:google:chrome_os:16181.27.0:*:*:*:*:*:*:* | |
References | () https://issues.chromium.org/issues/b/399652193 - Broken Link | |
References | () https://issuetracker.google.com/issues/399652193 - Exploit, Issue Tracking |
17 Jun 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-276 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
16 Jun 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-16 17:15
Updated : 2025-07-02 18:23
NVD link : CVE-2025-6179
Mitre link : CVE-2025-6179
CVE.ORG link : CVE-2025-6179
JSON object : View
Products Affected
- chrome_os
CWE
CWE-276
Incorrect Default Permissions