DCOM Access Rights Vulnerability in ChromeOS Readiness Tool Installer

DCOM Access Rights Vulnerability in ChromeOS Readiness Tool Installer

CVE-2021-30605 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls.

Learn more about our Cis Benchmark Audit For Google Chrome.