Spoofing Vulnerability in Microsoft Edge for Android
CVE-2025-49755

4.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Edge For Android
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-49755?

A security issue in Microsoft Edge on Android has been identified, where a misrepresentation of critical information in the user interface may be exploited by unauthorized attackers to perform spoofing attacks over a network. This vulnerability can potentially allow attackers to deceive users by displaying misleading information, thereby undermining the integrity of user interactions and the overall security of data transmitted through the application. Users are encouraged to review the situation and apply necessary updates as per vendor advisories to mitigate this risk.

Affected Version(s)

Microsoft Edge for Android Unknown 1.0.0 < 139.0.3405.86

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jun 9, 2025