CVE-2025-2783
📋 TL;DR
This vulnerability in Google Chrome's Mojo IPC system on Windows allows remote attackers to escape the browser sandbox via a malicious file. Users running affected Chrome versions on Windows are at risk. Successful exploitation could lead to full system compromise.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with attacker gaining full control over the Windows machine, installing malware, stealing credentials, and accessing all user data.
Likely Case
A malicious actor gains elevated privileges to execute arbitrary code outside Chrome's sandbox, potentially installing ransomware, spyware, or other persistent threats.
If Mitigated
With proper controls like application whitelisting and network segmentation, impact is limited to isolated systems with potential data loss but no lateral movement.
🎯 Exploit Status
Exploitation requires user interaction (opening a malicious file). CISA has added this CVE to its Known Exploited Vulnerabilities (KEV) catalog, indicating active exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 134.0.6998.177 and later
Vendor Advisory: https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
Restart Required: No
Instructions:
1. Open Chrome.
2. Click the three-dot menu → Help → About Google Chrome.
3. Chrome will automatically check for and install updates.
4. Relaunch Chrome if prompted.
🔧 Temporary Workarounds
Disable automatic file downloads
Configure Chrome to ask before downloading files to prevent automatic execution of malicious files.
chrome://settings/content/automaticDownloads → Toggle off 'Automatic downloads'
🧯 If You Can't Patch
- Restrict user permissions to prevent execution of arbitrary code
- Implement application control/whitelisting to block unauthorized executables
🔍 How to Verify
Check if Vulnerable:
Check Chrome version: Open Chrome → Click the three-dot menu → Help → About Google Chrome. If the version is below 134.0.6998.177, you are vulnerable.
Check Version:
chrome://version/
Verify Fix Applied:
Confirm Chrome version is 134.0.6998.177 or higher using the same About Google Chrome page.
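The check above compares dotted build numbers, and a plain string comparison gets that wrong (for example "134.0.7000.1" sorts before "134.0.6998.177" as text). The following is an added example, not code from the advisory or from Google: it parses the version numerically, compares it against the fixed build 134.0.6998.177 named above, and can extract the number from text copied off chrome://version. The `SAMPLE_ABOUT_TEXT` line is constructed, and the registry key used by `installed_chrome_version_windows()` is an assumption about a typical per-user Chrome install on Windows (it is skipped on other platforms).

```python
"""Compare an installed Chrome build against the CVE-2025-2783 fixed build.

Added example; not part of the original advisory. FIXED_VERSION comes from
the advisory. The registry path in installed_chrome_version_windows() is an
assumption about a typical Chrome install and is only consulted on Windows.
"""
import re
import sys

FIXED_VERSION = "134.0.6998.177"  # first patched build, per the advisory


def parse_version(version: str) -> tuple:
    """Turn '134.0.6998.177' into (134, 0, 6998, 177) for numeric comparison.

    Missing trailing components are padded with 0 so '134.0' == '134.0.0.0'.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed build is older than the first fixed build."""
    return parse_version(installed) < parse_version(fixed)


# Matches the product line shown on chrome://version or the About page.
VERSION_LINE = re.compile(r"(?:Google Chrome|Chromium)\s+(\d+(?:\.\d+){3})")


def version_from_about_page(text: str) -> str:
    """Extract the build number from pasted chrome://version / About text."""
    match = VERSION_LINE.search(text)
    if not match:
        raise ValueError("no Chrome version found in text")
    return match.group(1)


def installed_chrome_version_windows():
    """Read the per-user Chrome version from the registry (Windows only).

    Assumed key: HKCU\\Software\\Google\\Chrome\\BLBeacon, value 'version'.
    Returns None off Windows or when the key/value is absent.
    """
    if sys.platform != "win32":
        return None
    import winreg  # stdlib, Windows only
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER,
                            r"Software\Google\Chrome\BLBeacon") as key:
            value, _ = winreg.QueryValueEx(key, "version")
            return str(value)
    except OSError:
        return None


def report(version: str) -> str:
    """One-line verdict for a given build number."""
    status = "VULNERABLE - update required" if is_vulnerable(version) else "patched"
    return f"Chrome {version}: {status} (fixed in {FIXED_VERSION})"


# Constructed sample, as a user might paste it from chrome://version.
SAMPLE_ABOUT_TEXT = "Google Chrome 133.0.6943.142 (Official Build) (64-bit)"

if __name__ == "__main__":
    found = installed_chrome_version_windows() or version_from_about_page(SAMPLE_ABOUT_TEXT)
    print(report(found))
```

Run it on a Windows host to check the registry-recorded version, or paste the About page line into `version_from_about_page()` on any platform; the verdict is "patched" only when every component of the installed build is at or above the fixed build.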
📡 Detection & Monitoring
Log Indicators:
- Chrome crash reports with Mojo-related errors
- Unexpected process creation from chrome.exe
- Windows Event Logs showing unusual privilege escalation
Network Indicators:
- Unusual outbound connections from Chrome processes
- Downloads of suspicious file types from untrusted sources
SIEM Query:
Process Creation where (ParentImage contains 'chrome.exe' OR Image contains 'chrome.exe') AND CommandLine contains unusual parameters
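The query above is pseudocode; as an added example (not part of the advisory or any vendor's detection content), the script below applies the same idea to Sysmon-style process-creation records: it reports any process spawned by chrome.exe that is not the browser itself, and any chrome.exe child launched without the `--type=` switch that Chrome's own renderer, GPU and utility helpers carry. The field names follow Sysmon Event ID 1 (`ParentImage`, `Image`, `CommandLine`); the sample events are constructed, and the allowlist and the `--type=` heuristic are assumptions to tune for your environment.

```python
"""Triage process-creation events for unexpected children of chrome.exe.

Added example; not from the original advisory. Field names mirror Sysmon
Event ID 1. SAMPLE_EVENTS are constructed; EXPECTED_CHILD_IMAGES and the
'--type=' heuristic are assumptions about a typical Chrome install.
"""
import ntpath

CHROME_IMAGE = "chrome.exe"
# Chrome's helper processes are chrome.exe itself, started with --type=...;
# anything else spawned by the browser deserves a look. Assumed allowlist.
EXPECTED_CHILD_IMAGES = {CHROME_IMAGE}


def basename(path: str) -> str:
    """Case-insensitive Windows basename, e.g. 'C:\\x\\CMD.EXE' -> 'cmd.exe'."""
    return ntpath.basename(path).lower()


def classify(event: dict):
    """Return a reason string when the event looks unusual, otherwise None."""
    parent = basename(event.get("ParentImage", ""))
    image = basename(event.get("Image", ""))
    cmdline = event.get("CommandLine", "")
    if parent != CHROME_IMAGE:
        return None  # only children of the browser are of interest here
    if image not in EXPECTED_CHILD_IMAGES:
        return f"chrome.exe spawned non-browser process {image}"
    if "--type=" not in cmdline:
        return "chrome.exe child without --type= switch (not a normal helper)"
    return None


def find_suspicious(events):
    """Return [(event, reason)] for every event classify() flags."""
    findings = []
    for event in events:
        reason = classify(event)
        if reason:
            findings.append((event, reason))
    return findings


CHROME_PATH = r"C:\Program Files\Google\Chrome\Application\chrome.exe"

# Constructed sample records (not real telemetry).
SAMPLE_EVENTS = [
    {"ParentImage": CHROME_PATH, "Image": CHROME_PATH,
     "CommandLine": f'"{CHROME_PATH}" --type=renderer --lang=en-US'},
    {"ParentImage": CHROME_PATH, "Image": CHROME_PATH,
     "CommandLine": f'"{CHROME_PATH}" --type=gpu-process'},
    {"ParentImage": CHROME_PATH, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c whoami"},
    {"ParentImage": CHROME_PATH, "Image": CHROME_PATH,
     "CommandLine": f'"{CHROME_PATH}" --no-sandbox'},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": CHROME_PATH,
     "CommandLine": f'"{CHROME_PATH}"'},
]

if __name__ == "__main__":
    for event, reason in find_suspicious(SAMPLE_EVENTS):
        print(f"{reason}: {event['CommandLine']}")
```

Feed it the JSON export of your EDR or Sysmon process-creation events; the two constructed hits (a cmd.exe child and a chrome.exe child without `--type=`) are the shapes the "Unexpected process creation from chrome.exe" indicator above refers to, and the explorer.exe-launched browser is correctly ignored.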