Chrome Version: 68.0.3440.106 
Operating System: ubuntu 16.04 LTS

VULNERABILITY DETAILS

I bought a used laptop, logged it into my account Google Chrome, after formatted the hard drive and put it on ubuntu 16.04 lts, ​​again went into my account Google Chrome,
in chrome: // settings / passwords appeared other people's logins and passwords (probably the former owner of the laptop).
below will attach the video, as I go into other people's accounts on the laptop, as well as on the android!
Also the login and password of the online bank click.alfabank.ru, if you copy the sim card of the owner (the number can be taken in social networks), anyone will go to the online bank and can use it as their own!
Also easily went to someone else's mail account.mail.ru and avito.ru where there is a lot of personal and billing data!

Conclusion: you can buy any used PC or smartphone, enter the most popular Google Chrome browser, where the default passwords and logins are retained, even after logging out of the account. A normal user just logs out of accounts, without deleting anything. Log in to other people's accounts and abuse their data!

REPRODUCTION CASE

 

Deleted: video_2018-08-18.mp4 19.3 MB

video_2018-08-18.mp4 19.3 MB Download