CVE-2020-15961 – This vulnerability in Google Chrome allowed mal... (How to Fix)

Q: What is the severity of CVE-2020-15961?

CVE-2020-15961 has a CVSS score of 9.6 (CRITICAL). This vulnerability in Google Chrome allowed malicious extensions to bypass security sandbox restrictions. Attackers could convince users to install a crafted extension that would then escape Chrome's sandbox, potentially gaining elevated privileges. All Chrome users with vulnerable versions who install malicious extensions are affected.

📋 TL;DR

This vulnerability in Google Chrome allowed malicious extensions to bypass security sandbox restrictions. Attackers could convince users to install a crafted extension that would then escape Chrome's sandbox, potentially gaining elevated privileges. All Chrome users with vulnerable versions who install malicious extensions are affected.

💻 Affected Systems

Products:

Google Chrome

Versions: Versions prior to 85.0.4183.121

Operating Systems: Windows, macOS, Linux, Chrome OS

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects users who install malicious extensions. Default Chrome installation without malicious extensions is not vulnerable.

📦 What is this software?

Backports Sle by Opensuse

View all CVEs affecting Backports Sle →

Backports Sle by Opensuse

View all CVEs affecting Backports Sle →

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise via sandbox escape allowing arbitrary code execution with elevated privileges, potentially leading to data theft, ransomware deployment, or persistent backdoor installation.

🟠

Likely Case

Malicious extension escapes Chrome sandbox to access system resources, install additional malware, or steal sensitive data from the compromised system.

🟢

If Mitigated

With proper extension vetting and user education, risk is limited to isolated Chrome process compromise without system-wide impact.

🌐 Internet-Facing: HIGH - Attackers can host malicious extensions on websites or distribute them through social engineering, targeting any internet-connected Chrome user.

🏢 Internal Only: MEDIUM - Risk exists if users install extensions from untrusted internal sources, but external attack surface is reduced.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction to install malicious extension. No public exploit code available, but vulnerability is serious enough that attackers likely developed private exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 85.0.4183.121 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click the three-dot menu. 3. Go to Help > About Google Chrome. 4. Chrome will automatically check for and install updates. 5. Click 'Relaunch' to restart Chrome with the patched version.

🔧 Temporary Workarounds

Disable extension installation

all

Prevent users from installing any Chrome extensions to block the attack vector.

For enterprise: Use Group Policy to disable extension installation via ExtensionInstallBlocklist policy set to *

Restrict extension sources

all

Only allow extensions from Chrome Web Store to reduce risk of malicious extensions.

For enterprise: Use ExtensionInstallSources policy to restrict installation sources

🧯 If You Can't Patch

Implement strict extension whitelisting policies to only allow vetted extensions
Educate users about the risks of installing extensions from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: If version is less than 85.0.4183.121, system is vulnerable.

Check Version:

On Chrome: chrome://version/ or in terminal: google-chrome --version

Verify Fix Applied:

Verify Chrome version is 85.0.4183.121 or higher after update.

📡 Detection & Monitoring

Log Indicators:

Unusual extension installation events
Chrome crash reports with extension-related errors
Security logs showing sandbox violation attempts

Network Indicators:

Downloads of extension files (.crx) from untrusted sources
Connections to known malicious extension repositories

SIEM Query:

source="chrome_logs" AND (event="extension_install" AND source_ip NOT IN trusted_ips) OR (event="sandbox_violation" AND process="chrome")

📊 Metadata

CVE ID: CVE-2020-15961

CVSS v3 Score: 9.6 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Published: September 21, 2020

Last Updated: November 21, 2024

🔗 References

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html Mailing List,Third Party Advisory
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html Release Notes,Vendor Advisory
https://crbug.com/1114636 Exploit,Issue Tracking,Patch,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWNBJFBPKYCYSZTS54FHNCRZG6KC2AIJ/
https://security.gentoo.org/glsa/202009-13 Third Party Advisory
https://security.gentoo.org/glsa/202101-30 Third Party Advisory
https://www.debian.org/security/2021/dsa-4824 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html Mailing List,Third Party Advisory
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html Release Notes,Vendor Advisory
https://crbug.com/1114636 Exploit,Issue Tracking,Patch,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWNBJFBPKYCYSZTS54FHNCRZG6KC2AIJ/
https://security.gentoo.org/glsa/202009-13 Third Party Advisory
https://security.gentoo.org/glsa/202101-30 Third Party Advisory
https://www.debian.org/security/2021/dsa-4824 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Backports Sle by Opensuse

Backports Sle by Opensuse

Chrome by Google

Debian Linux by Debian

Fedora by Fedoraproject

Fedora by Fedoraproject

Fedora by Fedoraproject

Leap by Opensuse

Leap by Opensuse

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable extension installation

Restrict extension sources

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export