COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-2783

CVE-2025-2783

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-03-27
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-2783
⌖ exploited in the wild shame 50/100 exploited-in-wild

Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not lim

Players implicated

Google · vendorChromium Mojo · product

Description

Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Affected FedRAMP products 2 in the catalog

ProductProviderStatusMatch
Google Services (Google Cloud Platform Products and underlying Infrastructure) Google Authorized vendor-exact · 0.90
Google Workspace Google Authorized vendor-exact · 0.90