CVE-2021-30506
📋 TL;DR
This vulnerability in Google Chrome for Android allowed attackers to inject malicious scripts or HTML into privileged pages by tricking users into installing a web application. It affects Android users running Chrome versions prior to 90.0.4430.212. The flaw bypassed security UI protections during web app installations.
💻 Affected Systems
- Google Chrome for Android
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
Fedora by Fedoraproject
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of user sessions, data theft, and potential installation of persistent malware through script injection in privileged Chrome pages.
Likely Case
Session hijacking, credential theft, and unauthorized access to user data through malicious script execution.
If Mitigated
Limited impact with proper user awareness and updated browsers, though some data exposure may still occur.
🎯 Exploit Status
Requires social engineering to convince users to install malicious web apps. No public exploit code available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 90.0.4430.212
Vendor Advisory: https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html
Restart Required: Yes
Instructions:
1. Open the Google Play Store
2. Search for Chrome
3. Update to version 90.0.4430.212 or later
4. Restart Chrome
🔧 Temporary Workarounds
Disable Web App Installations
Android: Prevent installation of Progressive Web Apps (PWAs), which could be used to exploit this vulnerability.
Use Alternative Browser
Android: Temporarily use a different browser until Chrome is updated.
🧯 If You Can't Patch
- Implement strict web filtering to block malicious sites
- Educate users about risks of installing unknown web applications
🔍 How to Verify
Check if Vulnerable:
Check the Chrome version in Settings > About Chrome. If the version is below 90.0.4430.212, the device is vulnerable.
Check Version:
chrome://version/ in Chrome address bar
Verify Fix Applied:
Confirm Chrome version is 90.0.4430.212 or higher in Settings > About Chrome.
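An added example (not from the original page or the Chrome project) that automates the version check above across managed Android devices: it parses the versionName line from `adb shell dumpsys package com.android.chrome` output (the package name and the sample output below are assumptions) and compares it numerically against 90.0.4430.212, because a plain string comparison would wrongly flag later major versions such as 100.x as vulnerable.

```python
import re
from typing import Optional, Tuple

# Fixed version named in the advisory.
PATCHED_VERSION = "90.0.4430.212"

# Constructed sample of `adb shell dumpsys package com.android.chrome` output.
# Assumption: stock Chrome uses the package name com.android.chrome and dumpsys
# prints a "versionName=" line, as it does on standard Android builds.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.android.chrome] (a1b2c3d):
    userId=10123
    versionCode=443009101 minSdk=24 targetSdk=30
    versionName=90.0.4430.91
    timeStamp=2021-04-20 10:11:12
"""


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '90.0.4430.212' into (90, 0, 4430, 212) so comparison is numeric."""
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    return tuple(int(part) for part in version.split("."))


def is_vulnerable(installed: str, patched: str = PATCHED_VERSION) -> bool:
    """True when the installed build is strictly older than the patched build."""
    a, b = parse_version(installed), parse_version(patched)
    width = max(len(a), len(b))
    # Pad with zeros so '90.0.4430' compares as '90.0.4430.0'.
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def extract_version_name(dumpsys_output: str) -> Optional[str]:
    """Pull the versionName value out of dumpsys package output, if present."""
    match = re.search(r"^\s*versionName=(\S+)", dumpsys_output, re.MULTILINE)
    return match.group(1) if match else None


def check_device(dumpsys_output: str) -> Tuple[Optional[str], Optional[bool]]:
    """Return (installed version, vulnerable?); (None, None) if Chrome is absent."""
    version = extract_version_name(dumpsys_output)
    if version is None:
        return None, None
    return version, is_vulnerable(version)


if __name__ == "__main__":
    print(check_device(SAMPLE_DUMPSYS))  # constructed sample reports ('90.0.4430.91', True)
```

In a fleet check, feed each device's real dumpsys output to check_device and escalate any device that returns True.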
📡 Detection & Monitoring
Log Indicators:
- Unusual web app installation events
- Script injection attempts in Chrome logs
Network Indicators:
- Requests to known malicious domains during web app installation
SIEM Query:
source="chrome" AND (event="webapp_install" OR event="script_injection")
🔗 References
- https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html
- https://crbug.com/1180126
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/
- https://security.gentoo.org/glsa/202107-06