Main Vulnerability Database Vulnerabilities #VU113189

#VU113189 Improper access control in Chrome OS - CVE-2025-6044

Published: July 24, 2025

Vulnerability identifier: #VU113189

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-6044

CWE-ID: CWE-284

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Chrome OS

Software vendor:
Google

Description

The vulnerability allows an attacker to gain access to file on the locked device.

The vulnerability exists due to improper access restrictions in the Stylus Tools component. An attacker with physical access to device can bypass the Lock Screen and access files on the system.

Remediation

Install updates from vendor's website.

External links

https://issues.chromium.org/issues/b/421184743
https://issuetracker.google.com/issues/421184743
https://chromereleases.googleblog.com/2025/07/stable-chanel-update-for-chromeos.html

#VU113189 Improper access control in Chrome OS - CVE-2025-6044

Description

Remediation

External links

Please verify you're human