Vulnerability in Chrome's Gemini Panel

Cybersecurity researchers have revealed details about a now-patched critical vulnerability in Google Chrome that could have allowed attackers to elevate privileges and gain access to local files on the victim’s system.

The vulnerability, tracked as CVE-2026-0628 and with a CVSS score of 8.8, was described as insufficient policy enforcement in the WebView tag. Google patched it in early January 2026 in version 143.0.7499.192/.193 for Windows/Mac and 143.0.7499.192 for Linux.

Description and Scope of the Vulnerability

According to NIST’s National Vulnerability Database (NVD), the flaw allowed an attacker, after convincing a user to install a malicious extension, to inject scripts or HTML into a privileged page via a crafted Chrome extension.

Gal Weizman, a researcher at Palo Alto Networks Unit 42, discovered and reported the flaw on November 23, 2025. The researcher noted that the issue could have allowed malicious extensions with basic permissions to take control of the new Gemini Live panel in Chrome, which is activated by clicking the Gemini icon.

Exploitation of this vulnerability would have facilitated an elevation of privilege attack, allowing the attacker to:

  • Access the victim’s camera and microphone without their permission.
  • Take screenshots of any website.
  • Access local files.

Implications of AI Integration in Browsers

The findings of this vulnerability highlight an emerging attack vector derived from the integration of artificial intelligence (AI) capabilities and agents directly into web browsers. These capabilities, designed to facilitate content summarization, translation, and automated task execution, can become a “double-edged sword” if abused by an attacker.

The root of the problem is the need to grant these AI agents privileged access to the browsing environment to perform complex operations. An attacker could embed hidden “prompts” in a malicious web page and trick the user into visiting it. These prompts would instruct the AI assistant to perform actions that would otherwise be blocked by the browser, such as data exfiltration or code execution.

Classic Security Risks in New Components

Unit 42 warns that the integration of AI side panels into browsers introduces classic security risks in a new high-privilege context. By placing this new component within the browser’s privileged environment, developers can inadvertently create logical flaws and implementation weaknesses, including cross-site scripting (XSS) vulnerabilities, privilege escalation, and side-channel attacks.

Exploitation of CVE-2026-0628 undermines the browser security model. An attacker could execute arbitrary code in gemini.google[.]com/app via the browser panel and gain access to sensitive data.

Specifically, an extension holding only basic permissions through the declarativeNetRequest API could inject JavaScript code into the Gemini panel. When the Gemini app was loaded inside this new component, Chrome gave it access to powerful capabilities that the attacker could exploit.
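As a defensive illustration of the paragraph above, the following added example (not code from Google, Unit 42 or the original article) checks a Chrome version against the fixed build and triages extension manifests that pair a declarativeNetRequest permission with host access covering the Gemini app. The pairing rule is a triage heuristic assumed here, the pattern matcher is a simplified version of Chrome's match-pattern rules, and the sample manifests are constructed.

```python
import re

PATCHED = (143, 0, 7499, 192)      # fixed build cited in the article
GEMINI_HOST = "gemini.google.com"  # app host loaded inside the side panel
DNR_PERMS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess"}

def is_patched(version):
    """True if a dotted Chrome version string is at or above the fixed build."""
    try:
        return tuple(int(p) for p in version.strip().split(".")) >= PATCHED
    except ValueError:
        return False               # unparsable version: treat as unpatched

def pattern_covers_host(pattern, host=GEMINI_HOST):
    """Simplified match-pattern test (scheme://host/path, '*' wildcards)."""
    if pattern == "<all_urls>":
        return True
    m = re.fullmatch(r"(\*|https?)://(\*|(?:\*\.)?[^/*]+)/.*", pattern)
    if not m or m.group(1) == "http":
        return False               # malformed, or plain-http only
    pat_host = m.group(2)
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):
        return host == pat_host[2:] or host.endswith(pat_host[1:])
    return host == pat_host

def audit_manifest(manifest):
    """Flag a manifest that pairs a DNR permission with Gemini host access."""
    perms = manifest.get("permissions", [])
    # MV3 lists hosts in host_permissions; MV2 mixes them into permissions.
    hosts = manifest.get("host_permissions", []) + [
        p for p in perms if p == "<all_urls>" or "://" in p]
    dnr = sorted(set(perms) & DNR_PERMS)
    covering = [h for h in hosts if pattern_covers_host(h)]
    return {"name": manifest.get("name", "?"), "dnr": dnr,
            "gemini_hosts": covering, "review": bool(dnr and covering)}

# Constructed sample manifests (not real extensions).
SAMPLES = [
    {"name": "tab-tidy", "permissions": ["tabs", "storage"]},
    {"name": "ad-filter", "permissions": ["declarativeNetRequest"],
     "host_permissions": ["https://*.google.com/*"]},
    {"name": "news-helper", "permissions": ["declarativeNetRequest"],
     "host_permissions": ["https://news.example/*"]},
]

if __name__ == "__main__":
    print("browser patched:", is_patched("143.0.7499.192"))
    for s in SAMPLES:
        print(audit_manifest(s))
```

A flagged manifest is a prompt for manual review on hosts still running a build below the fixed version, not proof of malicious behaviour.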

Security Conclusions

The demonstrated vulnerability highlights the critical difference between the expected behavior of an extension (influencing a website) and a serious security risk (influencing an intrinsic browser component). For the attacker, it was enough to trick a user into installing an extension designed to inject JavaScript code into the Gemini panel, allowing interaction with the file system, camera and microphone, features necessary for the AI assistant to function.

