Description Preview
CVE-2025-2783 is a high-severity vulnerability affecting Google Chrome on Windows systems. The issue arises from an incorrect handle being provided in unspecified circumstances within the Mojo component of Chrome. This flaw enables a remote attacker to execute a sandbox escape, potentially allowing them to gain unauthorized access to the system. The vulnerability has been assigned a CVSS score of 8.3, indicating a high level of risk, particularly due to its potential impact on confidentiality, integrity, and availability. User interaction is required for exploitation, and the attack vector is network-based.
Overview
- CVE ID: CVE-2025-2783
- Vendor: Google
- Product: Chrome
- Affected Version: Prior to 134.0.6998.177
- Severity: High (CVSS 3.1 Base Score: 8.3)
- Impact: Allows remote attackers to perform a sandbox escape via a malicious file.
- User Interaction: Required
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Remediation
To mitigate the risk associated with CVE-2025-2783, users and administrators are advised to update Google Chrome to version 134.0.6998.177 or later. Regularly updating software and applying security patches is crucial in protecting systems from known vulnerabilities. Users should also be cautious when opening files from untrusted sources, as this vulnerability requires user interaction for exploitation.
References
Early Warning
Customers using Armis Early Warning were notified about this vulnerability before it appeared in CISA's Known Exploited Vulnerabilities Catalog, enabling them to assess their exposure and act proactively. Armis offers these examples of CVEs already included in CISA KEV for potential customers. Click here to learn how to receive alerts earlier.
- Armis Alert Date
- Mar 26, 2025
- CISA KEV Date
- Mar 27, 2025
1day early
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- ManufacturingManufacturing: Medium
- Public AdministrationPublic Administration: Medium
- Health Care & Social AssistanceHealth Care & Social Assistance: Medium
- Transportation & WarehousingTransportation & Warehousing: Medium
- Finance and InsuranceFinance and Insurance: Medium
- Educational ServicesEducational Services: Medium
- Retail TradeRetail Trade: Low
- Other Services (except Public Administration)Other Services (except Public Administration): Low
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services: Low
- Arts, Entertainment & RecreationArts, Entertainment & Recreation: Low
- UtilitiesUtilities: Low
- Management of Companies & EnterprisesManagement of Companies & Enterprises: Low
- InformationInformation: Low
- Accommodation & Food ServicesAccommodation & Food Services: Low
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting: Low
- Real Estate Rental & LeasingReal Estate Rental & Leasing: Low
- ConstructionConstruction: Low
- MiningMining: Low
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services: Low
- Wholesale TradeWholesale Trade: Low
