CVE-2025-2783: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to...

8.3 CVSS

Description

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

Known Exploited

🚨 Marked as known exploited on March 26th, 2025 (24 days ago).

Classification

CVE ID: CVE-2025-2783

CVSS Base Severity: HIGH

CVSS Base Score: 8.3

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Problem Types

Incorrect handle provided in unspecified circumstances

Affected Products

Vendor: Google

Product: Chrome

Exploit Prediction Scoring System (EPSS)

EPSS Score: 1.63% (probability of being exploited)

EPSS Percentile: 80.83% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-04-18 (date this score was calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-2783
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
https://issues.chromium.org/issues/405143032

Timeline