CVE-2023-3742

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Google Chrome on ChromeOS versions prior to 114.0.5735.90

Description The issue is related to insufficient policy enforcement in the Android Debug Bridge (ADB) component of Google Chrome on ChromeOS. This allows a local attacker with physical access to the device to bypass device policy restrictions. The severity of this issue is considered high.

Recommendations For Google Chrome on ChromeOS versions prior to 114.0.5735.90, update to version 114.0.5735.90 or later to resolve the issue. As a temporary workaround, consider restricting physical access to devices to minimize the risk of exploitation.

Exploit

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-280CWE-264

Related Identifiers

BDU:2024-00266

CVE-2023-3742

Affected Products

Google Chrome

CVE-2023-3742

Weakness Enumeration

Related Identifiers

Affected Products

References · 10