November 4, 2020

Chrome for Android Vulnerabilities

Platform(s) Affected
Android
Platform(s) Affected
Web
Entry Type
Security Guidance
Threat Type
Vulnerability
Platform(s) Affected
Android
Web
Security Guidance
Vulnerability

Lookout Coverage and Recommendation for Admins

Lookout will detect any version of Chrome before 86.0.4240.185 as a vulnerable application in your fleet. Since Chrome is the primary browser on Android devices, admins should proactively enable the vulnerability protection in the Lookout console and configure it with the appropriate severity and remediation actions that align with their organization’s response workflows.

Overview

Google recently discovered and disclosed an exploitable vulnerability in Chrome for Android, Windows, and Mac. The Android- specific vulnerability, which is identified as CVE-2020-16010, was reported by members of the Google Project Zero team.

According to the report, the vulnerability exists due to a heap-based buffer overflow that is triggered when Google Chrome on Android renders maliciously crafted HTML content. Successfully exploiting the vulnerability may allow the attacker to compromise the entire affected device.

Lookout Analysis

Google has noted that there are already exploits for this vulnerability in the wild, which explains the rapid turnaround from reporting the vulnerability to releasing an app update. Based on telemetry from our Lookout Security Graph, which is informed by tens of millions Android users protected by Lookout Personal and Lookout for Work, we estimate that up to 50% of Android users globally are running an out of date version of Chrome for Android.

A successful exploit could allow the actor to perform a sandbox escape via a crafted HTML page, which means the actor can gain access to Chrome's capabilities without needing to root the device. Mobile device management (MDM) tools will not detect a successful exploitation. In the event of a successful exploit, the actor could have access to any capability that the browser has. This includes access to the camera and microphone, location data, browsing history and more.

Lookout Coverage and Recommendation for Admins

Lookout will detect any version of Chrome before 86.0.4240.185 as a vulnerable application in your fleet. Since Chrome is the primary browser on Android devices, admins should proactively enable the vulnerability protection in the Lookout console and configure it with the appropriate severity and remediation actions that align with their organization’s response workflows.

Colleagues standing in an open meeting area and sharing a humorous moment

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Other Related Threats

New

September 15, 2023

Scattered Spider

Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign

September 19, 2023

CVE-2023-4863

September 18, 2023

ASPL 2023-09-01 / CVE-2023-35674