Remote Code Execution Vulnerability in Microsoft Edge by Microsoft
CVE-2025-21408

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 6 February 2025

What is CVE-2025-21408?

A remote code execution vulnerability in Microsoft Edge (Chromium-based) allows attackers to execute arbitrary code on the affected system. Successful exploitation could lead to unauthorized actions, exposing user data and compromising security. Users are advised to update to the latest version of Microsoft Edge to mitigate the risk associated with this vulnerability.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0 < 133.0.3065.51

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Dec 11, 2024