CVE-2020-6563: 
Google Chrome vulnerability analysis and mitigation

CVE-2020-6563 is a security vulnerability discovered in Google Chrome on Android prior to version 85.0.4183.83. The vulnerability stems from insufficient policy enforcement in intent handling, which could allow a remote attacker to obtain potentially sensitive information from disk through a crafted HTML page (NVD, Chrome Releases).

The vulnerability has been assigned a CVSS v3.1 Base Score of 6.5 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N. This indicates that the vulnerability can be exploited remotely, requires low attack complexity, needs no privileges, but does require user interaction. The scope is unchanged, with high confidentiality impact but no impact on integrity or availability (NVD).

The vulnerability allows remote attackers to obtain potentially sensitive information stored on disk through specially crafted HTML pages. The high confidentiality impact rating suggests that the attacker could gain access to significant amounts of sensitive data (NVD).

The vulnerability was patched in Google Chrome version 85.0.4183.83. Users are advised to update to this version or later to mitigate the risk. The fix was also incorporated into various Linux distributions including Debian, Fedora, and OpenSUSE through their respective security updates (Chrome Releases, Debian Advisory).