Login Sign Up

CVE-2020-6455

8.8 HIGH

📋 TL;DR

This vulnerability allows a remote attacker to exploit heap corruption via an out-of-bounds read in WebSQL in Google Chrome. Attackers can craft malicious HTML pages to potentially execute arbitrary code or cause denial of service. All users running vulnerable versions of Google Chrome are affected.

💻 Affected Systems

Products:
  • Google Chrome
Versions: All versions prior to 81.0.4044.92
Operating Systems: Windows, macOS, Linux, Chrome OS, Android
Default Config Vulnerable: ⚠️ Yes
Notes: WebSQL is enabled by default in Chrome. Chromium-based browsers may also be affected.

📦 What is this software?

Backports by Opensuse

View all CVEs affecting Backports →

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...

Learn more about Chrome →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Leap by Opensuse

View all CVEs affecting Leap →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Browser crash (denial of service) or limited information disclosure from memory.

🟢

If Mitigated

No impact if Chrome is updated to patched version or if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH - Attackers can host malicious pages on the internet that trigger the vulnerability when visited.
🏢 Internal Only: MEDIUM - Risk exists if internal users visit malicious internal pages, but external attack surface is reduced.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (visiting malicious page). No public exploit code was found in references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 81.0.4044.92 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html

Restart Required: Yes

Instructions:

1. Open Chrome. 2. Click menu (three dots) → Help → About Google Chrome. 3. Chrome will automatically check for and install updates. 4. Click 'Relaunch' to restart Chrome with the update.

🔧 Temporary Workarounds

Disable WebSQL

all

Disable the vulnerable WebSQL feature via Chrome flags

chrome://flags/#enable-sql-api
Set to 'Disabled'

Use browser extensions to block scripts

all

Install script-blocking extensions like NoScript or uBlock Origin to prevent malicious JavaScript execution

🧯 If You Can't Patch

  • Restrict users from browsing untrusted websites using network/web filtering
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if version is less than 81.0.4044.92, system is vulnerable.

Check Version:

On Chrome: chrome://version/ or 'google-chrome --version' in terminal

Verify Fix Applied:

Confirm Chrome version is 81.0.4044.92 or higher after update.

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports with WebSQL-related stack traces
  • Unexpected Chrome process termination events

Network Indicators:

  • HTTP requests to suspicious domains hosting HTML pages with WebSQL usage
  • Unusual outbound connections after visiting web pages

SIEM Query:

source="chrome_logs" AND (event="crash" OR event="process_termination") AND process_name="chrome.exe"

📊 Metadata

CVE ID: CVE-2020-6455
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-125
Published: April 13, 2020
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-6455, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)