Security Advisory

CVE-2025-6177

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-16 16:43:44
Last updated 2026-02-26 17:50:35
Assigner ChromeOS
State PUBLISHED

Description

Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even when developer mode is blocked by device policy or Firmware Write Protect (FWMP).