CVE-2020-6397: 
Google Chrome vulnerability analysis and mitigation

CVE-2020-6397 is a security vulnerability discovered in Google Chrome prior to version 80.0.3987.87, disclosed on February 11, 2020. The vulnerability involves an inappropriate implementation in the sharing feature that allowed remote attackers to spoof security UI elements through a crafted HTML page (NVD, Chrome Release).

The vulnerability has been assigned a CVSS v3.1 Base Score of 6.5 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N. This indicates that the vulnerability can be exploited remotely, requires low attack complexity, needs no privileges, but does require user interaction. The scope is unchanged, with no impact on confidentiality, high impact on integrity, and no impact on availability (NVD).

The vulnerability allows a remote attacker to spoof security user interface elements through a specially crafted HTML page. This could potentially lead to users being deceived about the security status or origin of web content, potentially facilitating phishing attacks or other forms of social engineering (NVD, Debian Security).

The vulnerability was patched in Chrome version 80.0.3987.87. Users and administrators are advised to upgrade to this version or later. Multiple Linux distributions have also released security updates to address this vulnerability, including Debian (version 80.0.3987.132-1~deb10u1), Fedora, and Red Hat Enterprise Linux (Debian Security, Red Hat).