Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6044

An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture feature.

Published

2025-07-07T19:15:23.920

Last Modified

2025-07-09T19:15:24.587

Status

Awaiting Analysis

Source

7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-287

Affected Vendors & Products

References

https://issues.chromium.org/issues/b/421184743 (7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f)
https://issuetracker.google.com/issues/421184743 (7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f)