Impact
The vulnerability stems from insufficient policy enforcement within Chrome's extension framework. In versions earlier than 150.0.7871.47, an attacker who already controls a malicious or compromised renderer process can use a crafted HTML page to make the browser bypass its site isolation boundaries. As a result, the compromised process could read or influence data belonging to other isolated sites, effectively elevating the attacker's privileges across profiles and sites. In practice, an attacker could hijack cross-site communication channels or steal credentials held in isolated processes.
Affected Systems
The affected product is Google Chrome; all releases older than 150.0.7871.47 are affected. The issue is documented for those versions, and the fix ships in the stable channel update referenced in the release notes and the issue tracker. Users running earlier builds should be treated as vulnerable.
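An added, hypothetical triage helper (not from the advisory or the Chromium project) that classifies reported Chrome version strings against the fixed release 150.0.7871.47. It assumes the standard four-component Chrome version format and compares components numerically, which a plain string comparison gets wrong; the inventory values are constructed samples.

```python
"""Check whether a Google Chrome version string falls below the fixed
release named in this advisory (150.0.7871.47).

Chrome versions have four numeric components (MAJOR.MINOR.BUILD.PATCH).
Comparing them as strings is wrong ("150.0.7871.5" sorts after
"150.0.7871.47" lexically), so each component is compared as an integer.
"""

FIXED_VERSION = "150.0.7871.47"  # first release that is not affected


def parse_version(version: str) -> tuple[int, ...]:
    """Split a dotted Chrome version into a tuple of integers.

    Raises ValueError for anything that is not four dot-separated
    non-negative integers, so malformed input is never silently
    treated as 'fixed'.
    """
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a Chrome version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True if the installed build is older than the fixed build."""
    return parse_version(installed) < parse_version(fixed)


def triage(versions: list[str]) -> dict[str, str]:
    """Classify reported versions as 'affected', 'fixed' or
    'unparseable' for a fleet inventory report."""
    result = {}
    for v in versions:
        try:
            result[v] = "affected" if is_affected(v) else "fixed"
        except ValueError:
            result[v] = "unparseable"
    return result


if __name__ == "__main__":
    # Constructed sample inventory, not real telemetry.
    sample = ["149.0.7000.100", "150.0.7871.5", "150.0.7871.47",
              "151.0.8000.0", "150.0-beta"]
    for version, status in triage(sample).items():
        print(f"{version:18} {status}")
```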
Risk and Exploitability
The Chromium team rated the vulnerability as medium severity. EPSS data is unavailable, and the issue is not listed in CISA's KEV catalog, so the historical likelihood of exploitation remains uncertain. However, because the attack requires a renderer-process compromise, the attack path demands a prior foothold or delivery of a malicious extension. Once a renderer is compromised, the attacker can bypass site isolation with a crafted page, potentially reading cross-site secrets or manipulating isolated content. The fix is contained in version 150.0.7871.47, which restores the proper policy checks before site isolation is enforced.
OpenCVE Enrichment