UI Spoofing Vulnerability in Google Chrome for Android
CVE-2025-1922

4.3MEDIUM

Key Information:

Vendor
Google
Status
Vendor
CVE Published:
5 March 2025

Summary

A vulnerability in Google Chrome for Android enables remote attackers to perform UI spoofing by persuading users to execute specific gestures on a crafted HTML page. This flaw can potentially lead to deceptive interactions by altering the appearance of the user interface, creating a risk for unsuspecting users.

Affected Version(s)

Chrome 134.0.6998.35

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.