Main Vulnerability Database Exploits ID:5255 - Exploit for Permissions, Privileges, and Access Controls in Google Chrome - CVE-2021-21172

ID:5255 - Exploit for Permissions, Privileges, and Access Controls in Google Chrome - CVE-2021-21172

Published: March 30, 2021

Vulnerability identifier: #VU51132

Vulnerability risk: Medium

CVE-ID: CVE-2021-21172

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Google Chrome

Link to public exploit:

https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome

Vulnerability description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient policy enforcement in File System API in Google Chrome. A remote attacker can trick the victim to visit a specially crafted website, bypass implemented security measures and gain access to sensitive information.

Remediation

Update to version 89.0.4389.72.

ID:5255 - Exploit for Permissions, Privileges, and Access Controls in Google Chrome - CVE-2021-21172

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human