CVE-2020-6447 – This vulnerability in Google Chrome's developer... (How to Fix)

Q: What is the severity of CVE-2020-6447?

CVE-2020-6447 has a CVSS score of 8.8 (HIGH). This vulnerability in Google Chrome's developer tools allows a remote attacker to potentially exploit heap corruption by convincing a user to open devtools on a malicious HTML page. This could lead to arbitrary code execution or browser crashes. Users of Chrome versions before 81.0.4044.92 are affected.

📋 TL;DR

This vulnerability in Google Chrome's developer tools allows a remote attacker to potentially exploit heap corruption by convincing a user to open devtools on a malicious HTML page. This could lead to arbitrary code execution or browser crashes. Users of Chrome versions before 81.0.4044.92 are affected.

💻 Affected Systems

Products:

Google Chrome

Versions: Versions prior to 81.0.4044.92

Operating Systems: Windows, macOS, Linux, Chrome OS

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects users who open Chrome Developer Tools on malicious pages. Mobile versions may also be affected but not explicitly stated.

📦 What is this software?

Backports Sle by Opensuse

View all CVEs affecting Backports Sle →

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the Chrome process, potentially leading to full system compromise if combined with other vulnerabilities.

🟠

Likely Case

Browser crash (denial of service) or limited memory corruption leading to unstable browser behavior.

🟢

If Mitigated

No impact if users don't open devtools on untrusted pages or have patched Chrome.

🌐 Internet-Facing: MEDIUM - Requires user interaction (opening devtools) on a malicious page, but common in web browsing scenarios.

🏢 Internal Only: LOW - Internal users would need to be tricked into specific actions with malicious content.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires social engineering to convince user to open devtools on attacker-controlled page. No public exploit code identified in references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 81.0.4044.92

Vendor Advisory: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html

Restart Required: Yes

Instructions:

1. Open Chrome menu > Help > About Google Chrome. 2. Chrome will automatically check for and install update 81.0.4044.92 or later. 3. Click 'Relaunch' to restart Chrome with the update.

🔧 Temporary Workarounds

Disable Developer Tools

all

Prevent users from accessing Chrome Developer Tools through group policy or registry settings

Windows Registry: HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\DeveloperToolsDisabled = 1
macOS/Linux: Configure through Chrome policies JSON file

Restrict DevTools to Local Files Only

all

Configure Chrome to only allow Developer Tools on local file:// URLs

Chrome flag: --disable-devtools-experiments
Combine with other security policies

🧯 If You Can't Patch

Disable Chrome Developer Tools entirely through enterprise policies
Educate users to never open Developer Tools on untrusted websites

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: chrome://version/ - if version is less than 81.0.4044.92, system is vulnerable

Check Version:

chrome://version/ (in Chrome address bar) or on command line: google-chrome --version

Verify Fix Applied:

Confirm Chrome version is 81.0.4044.92 or higher via chrome://version/

📡 Detection & Monitoring

Log Indicators:

Chrome crash reports with memory corruption signatures
Unexpected Developer Tools usage patterns

Network Indicators:

Requests to known malicious domains hosting exploit pages
Unusual iframe or script loading patterns

SIEM Query:

source="chrome_crash_logs" AND (message="heap corruption" OR message="memory corruption") OR source="proxy_logs" AND (url="*malicious-domain*" AND user_agent="*Chrome/8[0-1].*")

📊 Metadata

CVE ID: CVE-2020-6447

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-125

Published: April 13, 2020

Last Updated: November 21, 2024

🔗 References

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html Mailing List,Third Party Advisory
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html Release Notes,Vendor Advisory
https://crbug.com/991217 Exploit,Permissions Required,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/
https://www.debian.org/security/2020/dsa-4714 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html Mailing List,Third Party Advisory
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html Release Notes,Vendor Advisory
https://crbug.com/991217 Exploit,Permissions Required,Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/
https://www.debian.org/security/2020/dsa-4714 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-6447, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Backports Sle by Opensuse

Chrome by Google

Debian Linux by Debian

Debian Linux by Debian

Fedora by Fedoraproject

Fedora by Fedoraproject

Fedora by Fedoraproject

Leap by Opensuse

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable Developer Tools

Restrict DevTools to Local Files Only

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities