CVE-2020-6443
📋 TL;DR
This vulnerability in Google Chrome's developer tools allows remote attackers to execute arbitrary code on a user's system by tricking them into using devtools on a malicious HTML page. It affects Chrome users on all platforms who haven't updated to version 81.0.4044.92 or later. The attacker needs to convince the user to open developer tools on their crafted page.
💻 Affected Systems
- Google Chrome
📦 What is this software?
Backports by Opensuse
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Learn more about Chrome →Fedora by Fedoraproject
Fedora by Fedoraproject
Fedora by Fedoraproject
Leap by Opensuse
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with attacker gaining full control over the victim's machine, potentially leading to data theft, ransomware deployment, or persistent backdoor installation.
Likely Case
Limited code execution in Chrome's sandboxed process, potentially allowing data exfiltration, session hijacking, or installation of additional malware.
If Mitigated
No impact if Chrome is updated to patched version or if users avoid opening devtools on untrusted websites.
🎯 Exploit Status
Exploitation requires user interaction (opening devtools on malicious page). No public exploit code was found in references, but the bug report suggests it was responsibly disclosed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 81.0.4044.92
Vendor Advisory: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
Restart Required: Yes
Instructions:
1. Open Chrome. 2. Click the three-dot menu. 3. Go to Help > About Google Chrome. 4. Chrome will automatically check for and install updates. 5. Click 'Relaunch' to restart Chrome with the update.
🔧 Temporary Workarounds
Disable Developer Tools
allPrevents exploitation by disabling Chrome's developer tools entirely
Not applicable - requires Chrome policy or extension management
Restrict DevTools Usage
allUse enterprise policies to restrict developer tools usage to trusted sites only
Configure via Chrome Enterprise policies or GPO
🧯 If You Can't Patch
- Use alternative browsers until Chrome can be updated
- Educate users to never open developer tools on untrusted websites
🔍 How to Verify
Check if Vulnerable:
Check Chrome version: if below 81.0.4044.92, system is vulnerableCheck Version:
chrome://version/ (in Chrome address bar) or 'google-chrome --version' (command line)Verify Fix Applied:
Confirm Chrome version is 81.0.4044.92 or higher📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with devtools-related stack traces
- Unusual process spawning from Chrome
Network Indicators:
- Connections to suspicious domains after visiting HTML pages with devtools open
SIEM Query:
process_name:"chrome.exe" AND (event_id:1000 OR event_id:1001) AND message:"devtools"🔗 References
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html
- https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
- https://crbug.com/1040080
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/
- https://www.debian.org/security/2020/dsa-4714
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html
- https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
- https://crbug.com/1040080
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/
- https://www.debian.org/security/2020/dsa-4714
