Sandbox Escape Vulnerability in Mojo of Google Chrome
CVE-2025-2783

8.3HIGH

Key Information:

Vendor
Google
Status
Vendor
CVE Published:
26 March 2025

Badges

🔥 Trending now🥇 Trended No. 1📈 Trended📈 Score: 13,900💰 Ransomware👾 Exploit Exists🟣 EPSS 13%🦅 CISA Reported📰 News Worthy

What is CVE-2025-2783?

CVE-2025-2783 is a high-severity vulnerability found in the Mojo component of Google Chrome, specifically affecting versions prior to 134.0.6998.177 for Windows. This flaw allows remote attackers to exploit a sandbox escape through malicious files, undermining the security intended to isolate web content and applications from the rest of the operating system. Given that Google Chrome is widely used for web browsing and online activities, this vulnerability poses a significant risk for organizations, as it can lead to unauthorized access to sensitive information and potential system compromise.

Technical Details

The vulnerability stems from an incorrect handling within the Mojo component of Google Chrome. It facilitates a sandbox escape, where attackers can circumvent the security model that confines processes to a controlled environment. Maliciously crafted files can trigger this vulnerability, enabling attackers to execute code outside the sandbox, thereby gaining broader access to the system.

Potential Impact of CVE-2025-2783

  1. Unauthorized Access: Successful exploitation can allow attackers to gain unauthorized access to the machine, potentially granting them the ability to execute malicious actions and exfiltrate sensitive data.

  2. System Compromise: The vulnerability may lead to full system compromise, where attackers can install additional malware, create backdoors, or manipulate system configurations to maintain persistent access.

  3. Data Breach Risks: Organizations could face significant data breaches as a result of unauthorized data access, leading to potential legal implications, loss of customer trust, and financial consequences.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Chrome 134.0.6998.177

News Articles

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Google patched a Chrome 0-day (CVE-2025-2783) used in live attacks on Russian targets via phishing.

2 days ago

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

5 days ago

Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching,

5 days ago

References

EPSS Score

13% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • 🥇

    Vulnerability reached the number 1 worldwide trending spot

  • 💰

    Used in Ransomware

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • 📈

    Vulnerability started trending

  • Vulnerability published

  • 📰

    First article discovered

  • Vulnerability Reserved

.