CVE-2025-13631
Published: 02 December 2025
Summary
CVE-2025-13631 is a high-severity an unspecified weakness vulnerability in Google Chrome. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 20.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires timely patching of the Google Updater flaw in Chrome prior to 143.0.7499.41 to eliminate the privilege escalation vulnerability.
Enforces validation of information inputs like crafted files to counter the inappropriate implementation in Google Updater enabling remote privilege escalation.
Mitigates privilege escalation impact by ensuring Google Updater and related processes operate with least privileges necessary on macOS systems.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability in Google Chrome Updater on macOS enables remote exploitation of a crafted file requiring user interaction for arbitrary code execution (T1203) and subsequent privilege escalation (T1068).
NVD Description
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)
Deeper analysisAI
CVE-2025-13631 is a high-severity vulnerability stemming from an inappropriate implementation in the Google Updater component of Google Chrome on macOS versions prior to 143.0.7499.41. It enables a remote attacker to achieve privilege escalation by leveraging a crafted file. The issue carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting its potential for significant impact on confidentiality, integrity, and availability.
A remote attacker can exploit this vulnerability without prior privileges by tricking a user into interacting with a specially crafted file, such as through social engineering via email or a malicious website. Successful exploitation grants elevated privileges on the affected macOS system, potentially allowing arbitrary code execution with higher permissions and full compromise of the targeted machine.
Google's stable channel update for desktop, detailed at https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html, addresses the vulnerability in Chrome version 143.0.7499.41 and later. Additional technical details are available in the Chromium issue tracker at https://issues.chromium.org/issues/448113221. Security practitioners should prioritize updating affected Chrome installations on macOS to mitigate the risk.
Details
- CWE(s)