Researcher David Erceg found the extension-related vulnerabilities, described by Google as "insufficient policy enforcement in extensions," in August. Three bugs of this kind were reported: CVE-2020-15961, a high-severity vulnerability for which he earned a $15,000 bug bounty; CVE-2020-15963, also a high-severity vulnerability, for which he received $5,000; and CVE-2020-15966, which has been rated medium severity and for which the bug bounty has yet to be determined.

Exploitation of these three vulnerabilities requires inducing the targeted user to install a malicious extension with some specific rights. Two of the issues (the high-severity ones) allow an extension to download an executable file and execute it. In both cases, no user interaction is needed after downloading the extension, Erceg explained. "In a real world attack, those issues would cause an extension to run an executable outside of the browser's sandbox shortly after installation (using the first issue, it could likely be achieved within a few seconds)."

He noted that it is only possible to exploit the second high-severity vulnerability (CVE-2020-15963) to run an executable outside the sandbox if certain conditions are met. If those conditions are not met, the attacker may still perform other actions, such as accessing restricted pages or reading local data. Alternatively, in order to execute code outside the sandbox, an attacker might chain this flaw with another flaw.

The medium-severity issue, the researcher said, can be abused by a malicious extension to read local file content that an extension is not normally allowed to access without express permission from the user.

Erceg said that because Google has not named it in its release notes, he has not named the affected API, because the bugs he identified all affect a similar API that is accessible to extensions.

The Chrome 85 update that fixes these vulnerabilities also resolves an out-of-bounds read issue in storage, for which an anonymous hacker received $15,000, and an insufficient policy enforcement issue for which researchers Leecraso and Guang Gong of 360 Alpha Lab earned $10,000. Earlier this month, Leecraso and Guang Gong earned a $20,000 bug bounty from Google for identifying a high-severity flaw that can be exploited to escape the Chrome sandbox.