CVE-2020-15983

7.8 HIGH

📋 TL;DR

This vulnerability lets a local attacker on a ChromeOS device bypass the Content Security Policy (CSP) that Chrome applies to its own WebUI pages (the chrome:// pages) by exploiting insufficient data validation in that WebUI with a crafted HTML page. Script that CSP should have blocked can then run in the WebUI context, potentially exposing browser data or serving as a foothold for further compromise. Only Chrome on ChromeOS before 86.0.4240.75 is affected.

💻 Affected Systems

Products:
  • Google Chrome on ChromeOS
Versions: Versions prior to 86.0.4240.75
Operating Systems: ChromeOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only Chrome on ChromeOS is affected; Chrome on other operating systems is not. Exploitation requires local access to the device.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...


⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with local access to the device could bypass CSP in a Chrome WebUI page and execute arbitrary JavaScript there, potentially leading to session hijacking, credential theft, or installation of persistent malware.

🟠 Likely Case

Script execution inside a WebUI page that CSP should have blocked, used to read or exfiltrate data from the browser session. Because WebUI pages are trusted more than ordinary web content, this is also a plausible first step toward broader compromise of the device.

🟢 If Mitigated

Once Chrome on the device is 86.0.4240.75 or later the bypass no longer works. Site-level CSP headers and the renderer sandbox do not mitigate the bug itself (the policy being bypassed is Chrome's own), but they keep the residual impact of any crafted page confined to the browser session rather than the whole system.

🌐 Internet-Facing: LOW - This requires local access to the ChromeOS device, not remote exploitation.
🏢 Internal Only: MEDIUM - Insider threats or compromised local accounts could exploit this vulnerability to bypass security controls.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and crafting of malicious HTML pages. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 86.0.4240.75 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html

Restart Required: Yes (on ChromeOS the browser ships as part of the OS image, so the update is applied by restarting the device)

Instructions:

1. On the ChromeOS device, open Settings and choose About ChromeOS (the Chrome three-dot menu → Help → About Google Chrome leads to the same page).
2. Click Check for updates. ChromeOS downloads and stages the update in the background.
3. Click Restart to update when it appears.
4. After the restart, open chrome://version and confirm the Chrome version is 86.0.4240.75 or later.

On managed fleets, device auto-updates are controlled from the Google Admin console; make sure updates are not pinned to an earlier target version or otherwise blocked.

🔧 Temporary Workarounds

Disable local HTML file execution

Applies to: all

Stop Chrome from opening local HTML files (file:// URLs), which are the easiest way for a local attacker to deliver a crafted page. On managed devices the URLBlocklist policy (named URLBlacklist in releases before 86) accepts the pattern file://* to block the whole scheme; on unmanaged devices this is a user-education measure. Note that the CVE description only says "a crafted HTML page", so a page fetched from a web server may work just as well; treat this as a partial mitigation, not a fix.

Enhanced CSP policies

Applies to: all

The policy being bypassed here is the CSP that Chrome applies to its own WebUI pages, so Content-Security-Policy headers on your web applications do not mitigate this CVE. The header originally suggested for this workaround was also not strict: 'unsafe-inline' and 'unsafe-eval' re-enable exactly the inline script and eval() that CSP exists to block.

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval';   (weak: do not use)

If you tighten site CSP as defence in depth anyway, drop both keywords:

Content-Security-Policy: default-src 'self'; script-src 'self';
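To see why the originally suggested header is not "stricter", here is an added example (not code from the advisory or from Chrome) that parses a CSP header and answers whether inline script, eval() or an external script from a given origin would be allowed. It models only the script-src / default-src fallback, 'self', host and wildcard matching, and the 'unsafe-inline' / 'unsafe-eval' / nonce-or-hash keywords; ports, paths, scheme-only sources and 'strict-dynamic' are left out. The STRICT_CSP value adds object-src and base-uri directives that the page's workaround does not mention.

```javascript
// Added example, not code from the advisory or from Chrome: a minimal CSP evaluator.

function parseCsp(header) {
  const policy = new Map();
  for (const directive of header.split(";")) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    if (!policy.has(name)) policy.set(name, tokens.slice(1)); // a repeated directive is ignored per spec
  }
  return policy;
}

// Sources that govern <script>: script-src, else default-src, else unrestricted (null).
function scriptSources(policy) {
  if (policy.has("script-src")) return policy.get("script-src");
  if (policy.has("default-src")) return policy.get("default-src");
  return null;
}

// Match a host-source such as https://cdn.example.com or *.example.com against an origin.
function hostMatches(source, origin) {
  const s = source.toLowerCase();
  const [oScheme, oHost] = origin.toLowerCase().split("://");
  const idx = s.indexOf("://");
  const sScheme = idx === -1 ? null : s.slice(0, idx);
  const sHost = idx === -1 ? s : s.slice(idx + 3);
  if (sScheme !== null && sScheme !== oScheme) return false;
  if (sHost === "*") return true;
  if (sHost.startsWith("*.")) {
    const suffix = sHost.slice(1); // ".example.com"
    return oHost.endsWith(suffix) && oHost.length > suffix.length;
  }
  return sHost === oHost;
}

// kind: "inline" (a <script> carrying no nonce/hash), "eval" (eval / new Function),
// or "external" (a <script src> loaded from `origin`). pageOrigin is the document's origin.
function allowsScript(header, { pageOrigin, kind, origin }) {
  const srcs = scriptSources(parseCsp(header));
  if (srcs === null) return true;
  const lower = srcs.map((x) => x.toLowerCase());
  if (lower.length === 1 && lower[0] === "'none'") return false;
  const hasNonceOrHash = lower.some((x) => /^'(nonce-|sha(256|384|512)-)/.test(x));
  switch (kind) {
    case "inline":
      // A nonce or hash in the list makes 'unsafe-inline' ignored, so unmarked inline script is blocked.
      return lower.includes("'unsafe-inline'") && !hasNonceOrHash;
    case "eval":
      return lower.includes("'unsafe-eval'");
    case "external":
      return lower.some((x) => {
        if (x === "'self'") return origin.toLowerCase() === pageOrigin.toLowerCase();
        if (x.startsWith("'")) return false; // other keywords never match a host
        return hostMatches(x, origin);
      });
    default:
      throw new Error(`unknown kind: ${kind}`);
  }
}

// The header the original workaround proposed, beside a strict one.
const WEAK_CSP = "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval';";
const STRICT_CSP = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'";

const page = "https://app.example.com";
for (const [label, header] of [["weak", WEAK_CSP], ["strict", STRICT_CSP]]) {
  console.log(label, {
    inline: allowsScript(header, { pageOrigin: page, kind: "inline" }),
    eval: allowsScript(header, { pageOrigin: page, kind: "eval" }),
    sameOrigin: allowsScript(header, { pageOrigin: page, kind: "external", origin: page }),
    thirdParty: allowsScript(header, { pageOrigin: page, kind: "external", origin: "https://attacker.example" }),
  });
}
```

Both headers block third-party script sources; only the strict one blocks inline script and eval(), which is the difference that matters for most script-injection bugs. Run it with `node` to print the comparison.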

🧯 If You Can't Patch

  • Restrict local user access to ChromeOS devices and implement strict user privilege management.
  • Deploy network-level controls to block access to potentially malicious websites and monitor for unusual browser behavior.

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: Open Chrome → Click three-dot menu → Help → About Google Chrome. If version is below 86.0.4240.75, the system is vulnerable.

Check Version:

Type chrome://version in the address bar; on ChromeOS the page shows both the Chrome version and the ChromeOS platform version.

Verify Fix Applied:

Confirm Chrome version is 86.0.4240.75 or higher using the same About Google Chrome page.
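Checking one device through the About page is fine; for a fleet, the same comparison can be run over Chrome user-agent strings from proxy or web-server logs. The following is an added example, not part of the advisory, and the user-agent strings in it are constructed for illustration. It gates on the "CrOS" platform token because the CVE affects ChromeOS only, and compares version components numerically rather than as strings.

```javascript
// Added example, not from the advisory: classify Chrome user-agent strings to find
// ChromeOS devices still below the fixed version 86.0.4240.75.

const FIXED_VERSION = [86, 0, 4240, 75];

// Returns [major, minor, build, patch] as numbers, or null for non-Chrome agents.
function parseChromeVersion(ua) {
  const m = /\bChrome\/(\d+)\.(\d+)\.(\d+)\.(\d+)/.exec(ua);
  return m ? m.slice(1, 5).map(Number) : null;
}

// Chrome on ChromeOS identifies the platform as "CrOS" in the user-agent string.
function isChromeOs(ua) {
  return /\bCrOS\b/.test(ua);
}

// Component-wise numeric comparison: "9.0.0.0" sorts below "86.0.0.0", which a plain
// string comparison gets wrong.
function compareVersions(a, b) {
  for (let i = 0; i < 4; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

function classify(ua) {
  const version = parseChromeVersion(ua);
  if (!version) return "not-chrome";
  if (!isChromeOs(ua)) return "not-chromeos"; // the CVE affects Chrome on ChromeOS only
  return compareVersions(version, FIXED_VERSION) < 0 ? "vulnerable" : "fixed";
}

// Tally a batch of user-agent strings, e.g. one per proxy log line.
function summarize(userAgents) {
  const out = {};
  for (const ua of userAgents) {
    const cls = classify(ua);
    out[cls] = (out[cls] || 0) + 1;
  }
  return out;
}

// Constructed sample user-agent strings (not real captures).
const SAMPLE_UAS = [
  "Mozilla/5.0 (X11; CrOS x86_64 13310.59.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.133 Safari/537.36",
  "Mozilla/5.0 (X11; CrOS x86_64 13421.53.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.77 Safari/537.36",
  "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36",
  "Mozilla/5.0 (X11; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
];

console.log(summarize(SAMPLE_UAS));
```

Recent Chrome builds report a reduced user-agent with the minor, build and patch components set to 0 (for example Chrome/101.0.0.0); every such build has a major version well above 86, so they classify as fixed correctly. A user-agent string is also easily spoofed, so treat this as inventory, not proof.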

📡 Detection & Monitoring

Log Indicators:

  • CSP violation reports arriving at your web applications' report-uri / report-to endpoints. Chrome sends these to the site, not to ChromeOS logs, and a successful bypass of Chrome's own WebUI policy produces no report at all, so this indicator catches probing and noisy sessions rather than the exploit itself.
  • Many script-src violation reports from a single client or session in a short window.

Network Indicators:

  • Unexpected outbound connections from a ChromeOS device shortly after a local HTML file was opened
  • Anomalous data transfers from ChromeOS devices

SIEM Query (illustrative; adjust the source and field names to your CSP report collector):

source="csp_reports" effective_directive="script-src" | stats count by client_ip, session_id | where count > 10
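The same threshold logic, as an added example that is not part of the advisory: it reads CSP violation reports in the legacy "csp-report" JSON shape Chrome posts to a report-uri endpoint, keeps only script-src violations, and flags any client that produced more than a threshold of them inside a sliding time window. The wrapping fields (ts, client_ip) and all sample lines are constructed for the example.

```javascript
// Added example, not from the advisory: burst detection over CSP violation reports.
// Report bodies follow the legacy csp-report format (document-uri, violated-directive,
// effective-directive, blocked-uri); ts and client_ip are assumed collector fields.

function parseLine(line) {
  try {
    const rec = JSON.parse(line);
    const r = rec["csp-report"];
    if (!r || !rec.client_ip || !rec.ts) return null;
    // violated-directive may carry the full source list ("script-src 'self'"); keep the name only.
    const directive = (r["effective-directive"] || r["violated-directive"] || "").split(" ")[0];
    return { ts: Date.parse(rec.ts), client: rec.client_ip, directive, blocked: r["blocked-uri"] };
  } catch {
    return null; // malformed line: skip rather than abort the batch
  }
}

// Flags clients with more than `threshold` reports for `directive` within any `windowMs` span.
function flagBursts(lines, { threshold = 10, windowMs = 60000, directive = "script-src" } = {}) {
  const byClient = new Map();
  for (const line of lines) {
    const ev = parseLine(line);
    if (!ev || ev.directive !== directive) continue;
    if (!byClient.has(ev.client)) byClient.set(ev.client, []);
    byClient.get(ev.client).push(ev);
  }
  const flagged = [];
  for (const [client, evs] of byClient) {
    evs.sort((a, b) => a.ts - b.ts);
    let start = 0;
    let peak = 0;
    for (let end = 0; end < evs.length; end++) {
      while (evs[end].ts - evs[start].ts > windowMs) start++; // slide the window forward
      peak = Math.max(peak, end - start + 1);
    }
    if (peak > threshold) {
      flagged.push({ client, peak, blocked: [...new Set(evs.map((e) => e.blocked))] });
    }
  }
  return flagged;
}

// Constructed sample reports (not real captures).
function mkReport(ts, ip, blocked, directive = "script-src") {
  return JSON.stringify({
    ts, client_ip: ip,
    "csp-report": {
      "document-uri": "https://app.example.com/dash",
      "violated-directive": `${directive} 'self'`,
      "effective-directive": directive,
      "blocked-uri": blocked,
    },
  });
}
const base = Date.parse("2020-10-06T12:00:00Z");
const at = (ms) => new Date(base + ms).toISOString();
const SAMPLE_LINES = [
  // 12 inline-script violations in 11 seconds from one client: worth a look
  ...Array.from({ length: 12 }, (_, i) => mkReport(at(i * 1000), "10.0.0.5", "inline")),
  mkReport(at(5000), "10.0.0.5", "https://tracker.example/p.gif", "img-src"), // wrong directive, ignored
  // 3 blocked third-party loads: ordinary noise
  ...Array.from({ length: 3 }, (_, i) => mkReport(at(i * 1000), "10.0.0.9", "https://cdn.example.net/lib.js")),
  // 12 eval violations spread 5 minutes apart: never more than one per minute
  ...Array.from({ length: 12 }, (_, i) => mkReport(at(i * 300000), "10.0.0.7", "eval")),
  "not json at all",
];

console.log(flagBursts(SAMPLE_LINES));
```

With the defaults only 10.0.0.5 is flagged; widening windowMs to an hour also flags 10.0.0.7, which shows why the window size is part of the rule, not a detail.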
