Cyber Resilience

CVE-2025-13631

High

Published: 02 December 2025

Published
02 December 2025
Modified
04 December 2025
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0008 23.2th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-13631 is a high-severity an unspecified weakness vulnerability in Google Chrome. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 23.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-13631 is a high-severity vulnerability stemming from an inappropriate implementation in the Google Updater component of Google Chrome on macOS versions prior to 143.0.7499.41. It enables a remote attacker to achieve privilege escalation by leveraging a crafted file. The issue carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting its potential for significant impact on confidentiality, integrity, and availability.

A remote attacker can exploit this vulnerability without prior privileges by tricking a user into interacting with a specially crafted file, such as through social engineering via email or a malicious website. Successful exploitation grants elevated privileges on the affected macOS system, potentially allowing arbitrary code execution with higher permissions and full compromise of the targeted machine.

Google's stable channel update for desktop, detailed at https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html, addresses the vulnerability in Chrome version 143.0.7499.41 and later. Additional technical details are available in the Chromium issue tracker at https://issues.chromium.org/issues/448113221. Security practitioners should prioritize updating affected Chrome installations on macOS to mitigate the risk.

EU & UK References

Vulnerability details

Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability in Google Chrome Updater on macOS enables remote exploitation of a crafted file requiring user interaction for arbitrary code execution (T1203) and subsequent privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-8511Same product: Apple Macos
CVE-2026-7908Same product: Apple Macos
CVE-2026-9980Same product: Apple Macos
CVE-2026-6314Same product: Apple Macos
CVE-2026-8512Same product: Apple Macos
CVE-2026-6304Same product: Apple Macos
CVE-2026-6296Same product: Apple Macos
CVE-2026-3545Same product: Apple Macos
CVE-2026-7922Same product: Apple Macos
CVE-2026-7991Same product: Apple Macos

Affected Assets

google
chrome
≤ 143.0.7499.40 · ≤ 143.0.7499.40

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely patching of the Google Updater flaw in Chrome prior to 143.0.7499.41 to eliminate the privilege escalation vulnerability.

prevent

Enforces validation of information inputs like crafted files to counter the inappropriate implementation in Google Updater enabling remote privilege escalation.

prevent

Mitigates privilege escalation impact by ensuring Google Updater and related processes operate with least privileges necessary on macOS systems.

References