CVE ID
CVE-2025-2783
Vulnerability Name
Google Chromium Mojo Sandbox Escape Vulnerability
- Project: Google
- Product: Chromium Mojo
Date
- Date Added: 2025-03-27
- Due Date: 2025-04-17
Description
Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-2783
Related Security News
- Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
- Google fixes actively exploited sandbox escape zero day in Chrome
- Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update
- Google fixes fourth actively exploited Chrome zero-day of 2025
- Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
- Google patches new Chrome zero-day bug exploited in attacks
- New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch
- CISA tags recently patched Chrome bug as actively exploited
- Google fixes high severity Chrome flaw with public exploit
- New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy
Top comments (0)