CVE-2018-6084

HIGH

Google Chrome < 66.0.3359.117 - Local Arbitrary Code Execution via Updater

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-6084. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages a vulnerability in Google's software updater on macOS, where Distributed Objects are unsafely used across a privilege boundary. By manipulating proxy objects, the exploit corrupts memory via a stack buffer overflow in CoreFoundation's plist serialization code, leading to local privilege escalation.

Description

Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · localmacos

https://www.exploit-db.com/exploits/44307

View Code ZIP pw:eip

This exploit leverages a vulnerability in Google's software updater on macOS, where Distributed Objects are unsafely used across a privilege boundary. By manipulating proxy objects, the exploit corrupts memory via a stack buffer overflow in CoreFoundation's plist serialization code, leading to local privilege escalation.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Google Software Update Daemon (com.google.Keystone.Daemon.UpdateEngine)

No auth needed

Prerequisites: macOS system with Google Chrome installed · GoogleSoftwareUpdateDaemon running as root

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1555 - Credentials from Password Stores

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Release Notes, Vendor Advisory x_refsource_confirm

https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44307/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/103468

Issue Tracking x_refsource_misc

https://crbug.com/822424

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/103917

Scores

CVSS v3 7.8

EPSS 0.0110

EPSS Percentile 61.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-20

Status published

Products (5)

debian/debian_linux 9.0

google/chrome < 66.0.3359.117

redhat/enterprise_linux_desktop 6.0

redhat/enterprise_linux_server 6.0

redhat/enterprise_linux_workstation 6.0

Published Jan 09, 2019

Tracked Since Feb 18, 2026