Impact
A flaw in Google Chrome for Linux allows a malicious extension, once installed by convincing a user, to perform UI spoofing. This enables attackers to mimic legitimate interface elements or dialog boxes, potentially tricking users into revealing credentials or executing unintended actions. Because the vulnerability stems from insufficient policy enforcement for extensions, it can affect any Chrome session where the attacker’s extension runs, compromising user interaction and trust in the browser.
Affected Systems
Google Chrome versions prior to 150.0.7871.47 on Linux operating systems are affected, as the issue arises from how extensions are managed before this patch release.
Risk and Exploitability
The vulnerability carries a Chromium security severity of Medium. It is not indexed in CISA’s KEV catalog and lacks an EPSS score, indicating low publicly known exploitation activity so far. However, attackers can exploit it by persuading users to install a crafted extension, then leveraging the spoofed UI to deceive users. The attack vector requires user interaction to install the extension, but once installed, the malicious code runs with the extension’s privileges and can interact with the browser’s UI.
OpenCVE Enrichment