Sandbox Escape Vulnerability in Mojo of Google Chrome
CVE-2025-2783

8.3HIGH

Key Information:

Vendor
Google
Status
Chrome
Vendor
CVE Published:
26 March 2025

Badges

🥇 Trended No. 1📈 Trended📈 Score: 13,900💰 Ransomware👾 Exploit Exists🦅 CISA Reported📰 News Worthy

What is CVE-2025-2783?

CVE-2025-2783 is a high-severity vulnerability found in the Mojo component of Google Chrome, specifically affecting versions prior to 134.0.6998.177 for Windows. This flaw allows remote attackers to exploit a sandbox escape through malicious files, undermining the security intended to isolate web content and applications from the rest of the operating system. Given that Google Chrome is widely used for web browsing and online activities, this vulnerability poses a significant risk for organizations, as it can lead to unauthorized access to sensitive information and potential system compromise.

Technical Details

The vulnerability stems from an incorrect handling within the Mojo component of Google Chrome. It facilitates a sandbox escape, where attackers can circumvent the security model that confines processes to a controlled environment. Maliciously crafted files can trigger this vulnerability, enabling attackers to execute code outside the sandbox, thereby gaining broader access to the system.

Potential Impact of CVE-2025-2783

  1. Unauthorized Access: Successful exploitation can allow attackers to gain unauthorized access to the machine, potentially granting them the ability to execute malicious actions and exfiltrate sensitive data.

  2. System Compromise: The vulnerability may lead to full system compromise, where attackers can install additional malware, create backdoors, or manipulate system configurations to maintain persistent access.

  3. Data Breach Risks: Organizations could face significant data breaches as a result of unauthorized data access, leading to potential legal implications, loss of customer trust, and financial consequences.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Chrome 134.0.6998.177

News Articles

favicon imageThe Hacker News

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Google patched a Chrome 0-day (CVE-2025-2783) used in live attacks on Russian targets via phishing.

4 weeks ago

favicon imageSC Media

Firefox patches flaw similar to exploited Chrome zero-day

The sandbox escape flaw affected Firefox and Chrome browsers on Windows machines.

1 month ago

favicon imageCISA (.gov)

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

1 month ago

References

https://chromereleases.googleblog.com/2025/03/stable-chan...
https://issues.chromium.org/issues/405143032

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • 🥇

    Vulnerability reached the number 1 worldwide trending spot

  • 💰

    Used in Ransomware

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • 📈

    Vulnerability started trending

  • Vulnerability published

  • 📰

    First article discovered

  • Vulnerability Reserved

.