Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Google ChromeOS Extension Management Permissions Bypass Vulnerability

Vulnerability

A permissions bypass vulnerability has been identified in the extension management system of Google ChromeOS version 16181.27.0, specifically on managed Chrome devices. This vulnerability allows a local attacker to disable extensions and gain access to Developer Mode. Exploitation of this vulnerability can be achieved using the ExtHang3r and ExtPrint3r tools, available on GitHub. Students in a school district are reported to be using it to bypass web filtering.

Impact

Exploitation of this vulnerability allows for the unauthorized disabling of extensions, access to Developer Mode, and the ability to load additional extensions on managed Chrome devices.

Remediation

Google has implemented a short-term fix for this vulnerability and is working on a more robust, long-term solution, targeted for release in ChromeOS version M135.

Added: Jun 16, 2025, 5:17 PM
Updated: Jun 16, 2025, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 0.6
exploitability: 5.0
remediation: 7.7
relevance: 0.2
threat: 8.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.