CVE-2025-6179

Summary

Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools.

Affected Software

VendorProductVersion RangeStatus
GoogleChromeOS16181.27.0affected

Weaknesses

  • Permissions Bypass / Privilege Escalation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References