Login Sign Up

CVE-2020-16001

8.8 HIGH

📋 TL;DR

This vulnerability is a use-after-free memory corruption flaw in Chrome's media component that allows remote attackers to execute arbitrary code or cause denial of service. It affects all users running Chrome versions prior to 86.0.4240.111. Attackers can exploit this by tricking users into visiting a malicious webpage.

💻 Affected Systems

Products:
  • Google Chrome
Versions: All versions prior to 86.0.4240.111
Operating Systems: Windows, macOS, Linux, Chrome OS
Default Config Vulnerable: ⚠️ Yes
Notes: All Chrome installations with default settings are vulnerable. Chromium-based browsers may also be affected.

📦 What is this software?

Backports Sle by Opensuse

View all CVEs affecting Backports Sle →

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Browser crash (denial of service) or limited code execution within browser sandbox.

🟢

If Mitigated

No impact if Chrome is fully patched or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH - Exploitable via malicious websites without user interaction beyond visiting the page.
🏢 Internal Only: MEDIUM - Requires user to visit malicious internal site or click malicious link in emails/documents.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploit requires crafting malicious HTML/JavaScript but doesn't require authentication. Public bug report includes technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 86.0.4240.111 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click three-dot menu → Help → About Google Chrome. 3. Chrome will automatically check for and install updates. 4. Click 'Relaunch' to restart Chrome with the patched version.

🔧 Temporary Workarounds

Disable JavaScript

all

Temporarily disable JavaScript to prevent exploitation via malicious web pages.

chrome://settings/content/javascript → Block

Use Chrome Sandbox

all

Ensure Chrome sandbox is enabled to limit impact of successful exploitation.

Check chrome://sandbox/ for sandbox status

🧯 If You Can't Patch

  • Restrict access to untrusted websites using web filtering or proxy controls.
  • Implement application whitelisting to prevent unauthorized code execution from browser processes.

🔍 How to Verify

Check if Vulnerable:

Check Chrome version in About Google Chrome page. If version is below 86.0.4240.111, system is vulnerable.

Check Version:

On Windows: "chrome://version/" in address bar. On Linux/macOS: google-chrome --version

Verify Fix Applied:

Confirm Chrome version is 86.0.4240.111 or higher in About Google Chrome page.

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports
  • Unexpected Chrome process termination
  • Memory access violation errors in system logs

Network Indicators:

  • Requests to known malicious domains hosting exploit code
  • Unusual outbound connections from Chrome processes

SIEM Query:

source="chrome_logs" AND (event="crash" OR event="access_violation") AND version<"86.0.4240.111"

📊 Metadata

CVE ID: CVE-2020-16001
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-416
Published: November 3, 2020
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-16001, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)