VULNERABILITY DETAILS
Using console tools in Chrome, one can simply change the input type from 'password' to 'text' to show previously remembered passwords.

VERSION
Chrome Version: [54.0.2840.87 m] + [stable]
Operating System: [Windows 10 pro, 1607, 14393.351]

REPRODUCTION CASE
With 'manage passwords' enabled, Chrome remembers login and password details.  If you attempt to display a password in the settings menu, you are prompted for the windows password.

However, if you use Chrome to access a website (for which the password has previously been remembered) and then open the developer tools, you can simply change the input type from 'password' to 'text' to show previously remembered passwords.  

I think that the developer tools should prevent changing the input type from password otherwise the windows password request in the settings menu is falsely reassuring.