Spoofing Vulnerability in Microsoft Edge by Microsoft
CVE-2025-29825

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 2 May 2025

Summary

A vulnerability in Microsoft Edge's user interface misrepresentation may allow attackers to execute spoofing attacks across the network, potentially misleading users and compromising data integrity. This lack of proper information representation could be exploited to trick users into believing they are interacting with trusted content, leading to unauthorized access or interaction with malicious entities.

Affected Version(s)

Microsoft Edge (Chromium-based) Unknown 1.0.0.0 < 136.0.3240.50

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 2, 2025
Vulnerability Reserved
Mar 11, 2025