Vulnerabilities > CVE-2022-1132 - Incorrect Authorization vulnerability in Google Chrome
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html
- https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html
- https://crbug.com/1303410
- https://crbug.com/1303410
- https://security.gentoo.org/glsa/202208-25
- https://security.gentoo.org/glsa/202208-25