Remote Code Execution Vulnerability in Microsoft Edge by Microsoft
CVE-2025-29806

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 23 March 2025

What is CVE-2025-29806?

A remote code execution vulnerability in Microsoft Edge (Chromium-based) could allow an unauthorized attacker to execute arbitrary code on a user's system over a network. This issue arises from improper handling of objects in memory, which could be exploited to gain control of the system and execute malicious commands, potentially compromising sensitive information and system integrity.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0.0 < 129.0.2792.52

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 23, 2025
Vulnerability Reserved
Mar 11, 2025