Insufficient Input Validation in Google Chrome Affects Sandbox Security
CVE-2025-6558

8.8HIGH

Key Information:

Vendor

Google
Status
Chrome
Vendor
CVE Published:
15 July 2025

Badges

📈 Trended📈 Score: 2,450💰 Ransomware👾 Exploit Exists🦅 CISA Reported📰 News Worthy

What is CVE-2025-6558?

CVE-2025-6558 is a high-severity vulnerability found in Google Chrome, specifically related to insufficient input validation within the ANGLE and GPU components of the browser. This flaw can potentially enable remote attackers to perform a sandbox escape through a specially crafted HTML page, bypassing the protective measures intended to isolate processes and users. The main purpose of the sandbox in web browsers like Chrome is to provide a secure environment that prevents malware from affecting the underlying operating system. If exploited, this vulnerability could allow attackers to execute arbitrary code outside of the sandbox restrictions, significantly compromising the security and integrity of the affected systems.

Potential impact of CVE-2025-6558

  1. Sandbox Escape: The primary threat associated with CVE-2025-6558 is the ability to escape the sandbox environment, allowing malicious actors to gain elevated privileges on the host system. This could lead to unauthorized access to sensitive data and applications.

  2. Remote Code Execution: Due to the nature of this vulnerability, attackers can execute arbitrary code remotely, which poses risks not only to individual users but also to organizations that rely on affected instances of Chrome for secure browsing. This could result in widespread data breaches.

  3. System Compromise: If attackers successfully exploit this vulnerability, they could compromise entire systems, leading to further exploitation opportunities, such as deploying malware or ransomware, which can have catastrophic consequences for organizational operations and reputation.

CISA has reported CVE-2025-6558

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-6558 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Chrome 138.0.7204.157

News Articles

favicon imageBleepingComputer

Apple patches security flaw exploited in Chrome zero-day attacks

Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users.

1 week ago

favicon imageThe Hacker News

Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome

Apple and Google fix CVE-2025-6558, a zero-day bug in Chrome and Safari risking browser security.

1 week ago

favicon imageCISA (.gov)

CISA Adds Four Known Exploited Vulnerabilities to Catalog | CISA

CISA has added four new vulnerabilities to its KEV Catalog, based on evidence of active exploitation

2 weeks ago

References

https://chromereleases.googleblog.com/2025/07/stable-chan...
https://issues.chromium.org/issues/427162086

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 🦅

    CISA Reported

  • 💰

    Used in Ransomware

  • 📈

    Vulnerability started trending

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by SecurityWeek

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-6558 : Insufficient Input Validation in Google Chrome Affects Sandbox Security