ChromeDriver is a powerful tool, and it can cause harms in the wrong hands. While using ChromeDriver, please follow these suggestions to help keeping it safe:
By default, ChromeDriver only allows local connections. If you need to connect to it from a remote host, use --allowed-ips switch on the command line to specify a list of IP addresses that are allowed to connect to ChromeDriver.
If possible, run ChromeDriver with a test account that has no access to sensitive local or network data. ChromeDriver should never be run with a privileged account.
If possible, run ChromeDriver in a protected environment such as Docker or virtual machine.
Use firewall to prevent unauthorized remote connection to ChromeDriver.
If you are using ChromeDriver through third-party tools such as Selenium Server, be sure to protect the network ports of those tools as well.
Use the latest versions of ChromeDriver and Chrome.