CVE-2020-6571: 
Google Chrome vulnerability analysis and mitigation

CVE-2020-6571 is a security vulnerability discovered in Google Chrome's Omnibox (address bar) prior to version 85.0.4183.83. The vulnerability involves insufficient data validation that allowed remote attackers to perform domain spoofing through IDN (Internationalized Domain Name) homographs via crafted domain names (Chrome Release, NVD).

The vulnerability is classified as a security UI issue in the Omnibox component of Google Chrome. It has been assigned a CVSS v3.1 base score of 4.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N. The vulnerability stems from improper input validation (CWE-20) specifically related to how Chrome handles IDN homographs in the address bar (NVD).

The vulnerability could allow an attacker to perform domain spoofing attacks through IDN homographs. This could potentially lead to users being deceived about the actual website they are visiting, as the attacker could craft domain names that appear visually similar to legitimate domains in the browser's address bar (NVD).

The vulnerability was patched in Google Chrome version 85.0.4183.83. Users and organizations are advised to upgrade to this version or later to mitigate the risk. The fix was also incorporated into various Linux distributions including Debian, Fedora, and openSUSE through their respective security updates (Debian Advisory, Fedora Update).