Impact
The vulnerability is an inappropriate implementation in WebAppInstalls (Chromium's classification for a logic flaw rather than a memory-safety bug). A remote attacker who has already compromised the renderer process could potentially escape the browser sandbox by serving a specially constructed HTML page. A successful escape lets the attacker run code with higher privileges than the sandboxed renderer, which could lead to arbitrary code execution on the host system. The underlying weakness is improper isolation between privileged and sandboxed components; Chromium rates the issue Low severity.
Affected Systems
Affected are Google Chrome builds for macOS prior to 150.0.7871.47; any Mac running such a release is exposed to the risk described. Releases at 150.0.7871.47 or later contain the fix, and the entry scopes the issue to macOS only.
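A practical way to triage a fleet is to compare each Mac's installed Chrome version against the first fixed release. The script below is an added example, not part of the OpenCVE entry or of Chromium; the function names are hypothetical, and the default Info.plist path assumes a standard /Applications install. The comparison is done field by field so that, for instance, 150.0.7871.9 is correctly treated as older than 150.0.7871.47.

```shell
#!/bin/sh
# Added example (not from the advisory): flag a Chrome version as affected if it
# is older than the first fixed macOS release named in the entry.

FIXED_VERSION="150.0.7871.47"

# version_lt A B -> returns 0 when A sorts before B comparing each dotted
# field numerically (string comparison would get "9" vs "47" wrong).
version_lt() {
    a="$1"; b="$2"
    i=1
    while [ "$i" -le 4 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        x=${x:-0}; y=${y:-0}          # missing trailing fields count as 0
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1                          # equal versions are not "less than"
}

# chrome_status VERSION -> prints "affected" or "fixed".
chrome_status() {
    if version_lt "$1" "$FIXED_VERSION"; then
        printf 'affected\n'
    else
        printf 'fixed\n'
    fi
}

# installed_chrome_version [PLIST] -> reads the bundle version on macOS.
# Path is an assumption; adjust for non-standard install locations.
installed_chrome_version() {
    plist="${1:-/Applications/Google Chrome.app/Contents/Info.plist}"
    defaults read "$plist" CFBundleShortVersionString 2>/dev/null
}

# Usage: ./check_chrome.sh --installed   (on the Mac being triaged)
if [ "${1:-}" = "--installed" ]; then
    v=$(installed_chrome_version) || { echo "Google Chrome not found" >&2; exit 2; }
    echo "Installed Chrome $v: $(chrome_status "$v")"
fi
```

Run it with `--installed` on the host, or feed `chrome_status` versions collected by an MDM inventory export; anything reported as "affected" should be updated to 150.0.7871.47 or later.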
Risk and Exploitability
No EPSS score is available, and the vulnerability is not listed in CISA's KEV catalog. Exploitation requires that an attacker first gain a foothold in the renderer process (typically via a separate renderer bug chained with this one); a crafted HTML page can then trigger the sandbox escape. Chromium's Low severity rating reflects that precondition rather than a low impact: on its own the bug is not a remote entry point, so the likelihood of widespread exploitation is considered modest, but chained after a renderer exploit it turns a sandboxed foothold into code execution outside the sandbox, which remains significant for affected users.
OpenCVE Enrichment