CVE-2020-6522

9.6 CRITICAL

📋 TL;DR

This vulnerability in Google Chrome allowed attackers to escape the browser's security sandbox via malicious HTML pages that exploited flaws in external protocol handlers. Users running Chrome versions before 84.0.4147.89 were affected, potentially enabling attackers to execute arbitrary code outside Chrome's sandbox protections.

💻 Affected Systems

Products:
  • Google Chrome
Versions: All versions prior to 84.0.4147.89
Operating Systems: Windows, macOS, Linux, Chrome OS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Chrome installations were vulnerable; no special configuration required for exploitation.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise via sandbox escape leading to arbitrary code execution with user privileges, potentially enabling malware installation, data theft, or lateral movement.

🟠 Likely Case

Attackers could execute malicious code outside Chrome's sandbox, potentially gaining persistence, stealing sensitive data, or installing additional malware.

🟢 If Mitigated

With proper patching, the vulnerability is eliminated; with network segmentation and least privilege, impact would be limited to the compromised user session.

🌐 Internet-Facing: HIGH - Attackers can exploit via malicious websites or emails, requiring only user interaction with crafted content.
🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or compromised internal sites, but requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (visiting malicious page) but no authentication. No public proof-of-concept has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 84.0.4147.89 and later

Vendor Advisory: https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html

Restart Required: Yes

Instructions:

1. Open Chrome and click the three-dot menu.
2. Go to Help > About Google Chrome.
3. Chrome will automatically check for updates and install version 84.0.4147.89 or later.
4. Click 'Relaunch' to restart Chrome with the fix.

🔧 Temporary Workarounds

Disable external protocol handlers

all

Prevent Chrome from launching external applications via protocol handlers

chrome://settings/content/handlers
Set 'Sites can ask to handle protocols' to 'Don't allow sites to ask'

Use Chrome sandboxing policies

all

Enforce strict sandbox policies via Group Policy or registry

Windows: Configure via Chrome ADMX templates
macOS/Linux: Using the --no-sandbox flag is NOT recommended, as it reduces security

🧯 If You Can't Patch

  • Restrict user access to untrusted websites via web filtering
  • Implement application whitelisting to prevent unauthorized executables

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if below 84.0.4147.89, system is vulnerable

Check Version:

chrome://version/ or 'google-chrome --version' on command line

Verify Fix Applied:

Confirm Chrome version is 84.0.4147.89 or higher
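
The version check above as an added example (not code from Google or from this advisory's source): a POSIX shell classifier that compares a Chrome version string against the fixed build 84.0.4147.89 component by component. The function names and the sample version lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a Chrome version against the first fixed build for
# CVE-2020-6522 as stated on this page. Function names are illustrative.
FIXED="84.0.4147.89"

# Extract the first four-part dotted version from text such as the output of
# `google-chrome --version`.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Return 0 when $1 is lower than $2, comparing each component as a number.
# String comparison misorders cases like 84.0.4147.9 and 100.0.4896.75.
version_lt() {
    _a=$1; _b=$2
    for _i in 1 2 3 4; do
        _x=${_a%%.*}; _y=${_b%%.*}
        if [ "$_x" -lt "$_y" ]; then return 0; fi
        if [ "$_x" -gt "$_y" ]; then return 1; fi
        # Drop the component just compared; pad with 0 when none remain.
        case $_a in *.*) _a=${_a#*.} ;; *) _a=0 ;; esac
        case $_b in *.*) _b=${_b#*.} ;; *) _b=0 ;; esac
    done
    return 1  # equal versions are not "lower"
}

# Print VULNERABLE, PATCHED or UNKNOWN for one raw version line.
chrome_status() {
    _v=$(extract_version "$1")
    if [ -z "$_v" ]; then echo "UNKNOWN"; return 0; fi
    if version_lt "$_v" "$FIXED"; then echo "VULNERABLE"; else echo "PATCHED"; fi
}

# Constructed sample inputs (not real inventory data).
for line in "Google Chrome 83.0.4103.116 " "Google Chrome 84.0.4147.89" \
            "Google Chrome 84.0.4147.9" "Google Chrome 100.0.4896.75" \
            "not installed"; do
    printf '%-30s %s\n' "$line" "$(chrome_status "$line")"
done
```

To check a live host, pass the output of the version command from this page, for example `chrome_status "$(google-chrome --version)"`.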

📡 Detection & Monitoring

Log Indicators:

  • Chrome crash reports with sandbox violations
  • Unexpected external process launches from Chrome

Network Indicators:

  • Requests to known malicious domains hosting exploit code
  • Unusual outbound connections following Chrome usage

SIEM Query:

source="chrome" AND (event_type="crash" OR process_name="chrome.exe") AND message="sandbox"
