CVE-2025-21279
Published: 06 February 2025
Summary
CVE-2025-21279 is a medium-severity Type Confusion (CWE-843) vulnerability in Microsoft Edge Chromium. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Drive-by Compromise (T1189). The CVE ranks in the top 24.1% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly mitigates the RCE vulnerability by requiring timely application of Microsoft patches for the specific flaw in Edge as referenced in the update guide.
- Provides defense-in-depth through malicious code protection mechanisms that detect and block exploit payloads targeting the browser RCE.
- Identifies unpatched Edge installations vulnerable to this CVE via regular vulnerability scanning.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Browser RCE with UI:R enables drive-by compromise (T1189) and client-side exploitation for code execution (T1203).
NVD Description
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Deeper analysis
CVE-2025-21279 is a Remote Code Execution vulnerability affecting Microsoft Edge (Chromium-based). Published on 2025-02-06, it has a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) and is associated with CWE-843 and NVD-CWE-noinfo.
Remote attackers can exploit this vulnerability over the network with low attack complexity and no privileges required, though user interaction is necessary. Successful exploitation enables high-impact confidentiality violations, such as unauthorized access to sensitive data, without affecting integrity or availability.
Microsoft has published an update guide with mitigation details for CVE-2025-21279 at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21279.
Details
- CWE(s)