Main Vulnerability Database Exploits ID:5254 - Exploit for Permissions, Privileges, and Access Controls in Google Chrome - CVE-2021-21131

ID:5254 - Exploit for Permissions, Privileges, and Access Controls in Google Chrome - CVE-2021-21131

Published: March 30, 2021

Vulnerability identifier: #VU49709

Vulnerability risk: Medium

CVE-ID: CVE-2021-21131

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Google Chrome

Link to public exploit:

https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome

Vulnerability description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient policy enforcement in File System API in Google Chrome. A remote attacker can trick the victim to visit a specially crafted website, bypass implemented security measures and gain access to sensitive information.

Remediation

Update to version 88.0.4324.96.

ID:5254 - Exploit for Permissions, Privileges, and Access Controls in Google Chrome - CVE-2021-21131

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human