CVE-2021-30605

Name of the Vulnerable Software and Affected Versions ChromeOS Readiness Tool versions prior to 1.0.2.0

Description The issue is related to an inappropriate implementation in the ChromeOS Readiness Tool installer on Windows, which loosens DCOM access rights on two objects. This could allow an attacker to potentially bypass discretionary access controls.

Recommendations For versions prior to 1.0.2.0, update to version 1.0.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected DCOM objects to minimize the risk of exploitation.