CVE-2025-1704
CVE-2025-1704
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
16 Apr 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices
and intercept device management requests via loading components from the unencrypted stateful partition.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
Google · ChromeOS