Cyber Resilience

CVE-2025-0443

HighPublic PoC

Published: 15 January 2025

Published
15 January 2025
Modified
21 April 2025
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0086 75.5th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0443 is a high-severity Cross-site Scripting (CWE-79) vulnerability in Google Chrome. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 24.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-0443 is an insufficient data validation vulnerability affecting the Extensions component in Google Chrome prior to version 132.0.6834.83. Published on 2025-01-15, it enables a remote attacker to perform privilege escalation via a crafted HTML page after convincing a user to engage in specific UI gestures. The flaw is associated with CWE-79 (Cross-site Scripting) and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), rated as Medium severity by Chromium security.

A remote attacker requires no privileges and can exploit this over the network with low attack complexity, though it depends on user interaction via targeted UI gestures. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, allowing privilege escalation within the browser context.

Google's stable channel update for desktop, announced at https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html, patches the issue in Chrome 132.0.6834.83. Additional details are available in the Chromium issue tracker at https://issues.chromium.org/issues/376625003. Security practitioners should prioritize updating affected Chrome installations to mitigate exploitation risk.

EU & UK References

Vulnerability details

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Direct match to privilege escalation via client-side browser exploit in Extensions component after UI interaction.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-0447Same product: Google Chrome
CVE-2026-9916Same product: Google Chrome
CVE-2026-8575Same product: Google Chrome
CVE-2026-9914Same product: Google Chrome
CVE-2026-9915Same product: Google Chrome
CVE-2026-9900Same product: Google Chrome
CVE-2026-9893Same product: Google Chrome
CVE-2026-9902Same product: Google Chrome
CVE-2026-9895Same product: Google Chrome
CVE-2026-9906Same product: Google Chrome

Affected Assets

google
chrome
≤ 132.0.6834.83

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the core issue of insufficient data validation in Chrome extensions by requiring validation of all untrusted inputs to prevent exploitation via crafted HTML pages.

prevent

Mandates timely flaw remediation, such as patching Chrome to version 132.0.6834.83, to eliminate the specific vulnerability enabling privilege escalation.

prevent

Enforces least privilege for browser extensions and processes, limiting the scope and impact of privilege escalation even if validation fails.

References