CVE-2025-5065

6.5 MEDIUM

📋 TL;DR

This vulnerability in Google Chrome's FileSystemAccess API allows attackers to create deceptive user interface elements that trick users into granting unintended file system permissions. Users of Chrome versions before 137.0.7151.55 are affected when visiting malicious websites.

💻 Affected Systems

Products:
  • Google Chrome
  • Chromium-based browsers
Versions: Versions prior to 137.0.7151.55
Operating Systems: Windows, macOS, Linux, ChromeOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default Chrome configurations are vulnerable. Mobile versions may also be affected, but this is not explicitly confirmed.

📦 What is this software?

Chrome by Google

Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could trick users into granting full file system access, potentially leading to data theft, ransomware deployment, or system compromise through malicious file execution.

🟠 Likely Case

Attackers create convincing fake permission dialogs to trick users into granting access to specific directories, enabling limited file theft or manipulation.

🟢 If Mitigated

With proper user awareness and security controls, users would recognize suspicious dialogs and deny permissions, preventing exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking on spoofed UI elements) but is technically simple for attackers to implement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 137.0.7151.55 and later

Vendor Advisory: https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

Restart Required: Yes

Instructions:

1. Open Chrome
2. Click menu (three dots) → Help → About Google Chrome
3. Chrome will automatically check for and install updates
4. Click 'Relaunch' to restart Chrome

🔧 Temporary Workarounds

Disable FileSystemAccess API

all

Temporarily disable the vulnerable API via Chrome flags

chrome://flags/#file-system-access-api
Set to 'Disabled'

Use Chrome Enterprise policies

all

Configure enterprise policies to restrict FileSystemAccess API usage

Configure 'FileSystemAccessAPIEnabled' policy to false

🧯 If You Can't Patch

  • Use alternative browsers until Chrome can be updated
  • Implement network filtering to block known malicious sites that might exploit this vulnerability

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if the version is lower than 137.0.7151.55, the system is vulnerable

Check Version:

chrome://version/

Verify Fix Applied:

Confirm Chrome version is 137.0.7151.55 or higher

📡 Detection & Monitoring

Log Indicators:

  • Unusual FileSystemAccess API permission grants from unfamiliar websites
  • Multiple permission requests from the same domain

Network Indicators:

  • Connections to known malicious domains with file system access patterns

SIEM Query:

source="chrome_audit_log" AND event="file_system_access" AND version<"137.0.7151.55"
