Remote Code Execution Vulnerability in Microsoft Edge by Microsoft
CVE-2025-21283

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 6 February 2025

Summary

A remote code execution vulnerability has been identified in Microsoft Edge (Chromium-based) which could allow an attacker to execute arbitrary code on the affected system. This may result in the installation of malicious software, unauthorized access to sensitive data, or further attacks on the network. Users are encouraged to apply the necessary security updates to mitigate the risk associated with this vulnerability and enhance their cybersecurity posture.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0 < 133.0.3065.51

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Dec 10, 2024