CVE-2025-2783 (GCVE-0-2025-2783)
Vulnerability from cvelistv5 – Published: 2025-03-26 16:07 – Updated: 2026-02-26 19:09
Summary
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
Severity
8.3 (High)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Incorrect handle provided in unspecified circumstances
- CWE-noinfo Not enough information
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 8791bec1-8b4f-46a7-a000-a10f5d4cc2b7
Exploited: Yes
Timestamps
First Seen: 2025-03-27
Asserted: 2025-03-27
Scope
Notes: KEV entry: Google Chromium Mojo Sandbox Escape Vulnerability | Affected: Google / Chromium Mojo | Description: Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2025-04-17 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-2783
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| CWEs | |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Chromium Mojo |
| Due Date | 2025-04-17 |
| Date Added | 2025-03-27 |
| Vendor Project | |
| Vulnerability Name | Google Chromium Mojo Sandbox Escape Vulnerability |
| Known Ransomware Campaign Use | Unknown |
Created: 2026-02-02 12:26 UTC | Updated: 2026-02-06 07:17 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 0b83a6f3-1776-4cc7-b44d-41933515ff74
Exploited: Yes
Timestamps
First Seen: 2025-03-27
Asserted: 2025-03-27
Scope
Notes: KEVIntel entry: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to... | Affected: Google / Chrome | CVSS: 8.3 (HIGH) | Used in malware: unknown | Not yet in CISA KEV: False
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to... |
| Vendor | |
| Product | Chrome |
| Added Date | 2025-03-27T00:00:00.000Z |
| CVSS Score | 8.3 |
| EPSS Score | None |
| CVSS Severity | HIGH |
| EPSS Percentile | None |
| Used In Malware | unknown |
| Ahead Of CISA KEV | None |
| Not Yet In CISA KEV | False |
Created: 2026-06-23 14:06 UTC | Updated: 2026-06-23 14:06 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-2783",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T03:55:52.966374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-27",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2783"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:09:11.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2783"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-27T00:00:00.000Z",
"value": "CVE-2025-2783 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "134.0.6998.177",
"status": "affected",
"version": "134.0.6998.177",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect handle provided in unspecified circumstances",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T16:07:51.034Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html"
},
{
"url": "https://issues.chromium.org/issues/405143032"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2025-2783",
"datePublished": "2025-03-26T16:07:51.034Z",
"dateReserved": "2025-03-25T01:09:54.034Z",
"dateUpdated": "2026-02-26T19:09:11.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2025-2783",
"dateAdded": "2025-03-27",
"dueDate": "2025-04-17",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-2783",
"product": "Chromium Mojo",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
"vendorProject": "Google",
"vulnerabilityName": "Google Chromium Mojo Sandbox Escape Vulnerability"
},
"epss": {
"cve": "CVE-2025-2783",
"date": "2026-06-28",
"epss": "0.08404",
"percentile": "0.94288"
}
}
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.