Main Vulnerability Database Vulnerabilities #VU113189

Improper access control in Chrome OS - CVE-2025-6044

Published: July 24, 2025

Vulnerability identifier: #VU113189

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-6044

CWE-ID: CWE-284

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Chrome OS

Detailed vulnerability description

The vulnerability allows an attacker to gain access to file on the locked device.

The vulnerability exists due to improper access restrictions in the Stylus Tools component. An attacker with physical access to device can bypass the Lock Screen and access files on the system.

How to mitigate CVE-2025-6044

Install updates from vendor's website.

Sources

https://issues.chromium.org/issues/b/421184743
https://issuetracker.google.com/issues/421184743
https://chromereleases.googleblog.com/2025/07/stable-chanel-update-for-chromeos.html

Improper access control in Chrome OS - CVE-2025-6044

Detailed vulnerability description

How to mitigate CVE-2025-6044

Sources

Please verify you're human