Cyber Resilience

CVE-2025-21408

High

Published: 06 February 2025
Modified: 11 February 2025
KEV Added: not listed
Patch: available (see the MSRC update guide below)
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0036 (58.7th percentile)
Risk Priority: 18 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-21408 is a high-severity Type Confusion (CWE-843) vulnerability in Microsoft Edge (Chromium-based). Its CVSS v3.1 base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). Its EPSS score places it in the top 41.3% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2025-21408 is a Remote Code Execution vulnerability in Microsoft Edge, the Chromium-based web browser. Published on 2025-02-06, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and is associated with CWE-843 (Type Confusion) and NVD-CWE-noinfo.

The vulnerability enables exploitation over a network with low attack complexity, requiring no privileges but user interaction, such as clicking a malicious link. Attackers can achieve high impacts on confidentiality, integrity, and availability, allowing remote code execution on affected systems.

Microsoft's Security Response Center update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21408 provides details on patches and mitigation steps.

Vulnerability details

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CWE(s)

CWE-843 Type Confusion; NVD-CWE-noinfo

Related Threats

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1204.001 Malicious Link (tactic: Execution)
An adversary may rely upon a user clicking a malicious link in order to gain execution.
Why these techniques?

Browser RCE vulnerability exploited via malicious link with user interaction directly enables T1203 (Exploitation for Client Execution) and T1204.001 (Malicious Link) for initial code execution on the client system.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21342 (same product: Microsoft Edge Chromium)
CVE-2025-21279 (same product: Microsoft Edge Chromium)
CVE-2026-45495 (same product: Microsoft Edge Chromium)
CVE-2025-21283 (same product: Microsoft Edge Chromium)
CVE-2026-41107 (same product: Microsoft Edge Chromium)
CVE-2026-21223 (same product: Microsoft Edge Chromium)
CVE-2025-21326 (same vendor: Microsoft)
CVE-2026-26110 (same vendor: Microsoft)
CVE-2025-62554 (same vendor: Microsoft)
CVE-2026-20860 (same vendor: Microsoft)

Affected Assets

Vendor: microsoft
Product: edge chromium
Affected versions: ≤ 133.0.3065.51

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)
Directly remediates the specific remote code execution flaw in Microsoft Edge by requiring timely patching as detailed in the MSRC update guide.

Malicious code protection (prevent, detect)
Anti-malware scanning and protection mechanisms prevent or detect malicious payloads exploiting this browser RCE vulnerability via user-interacted links.

RA-5 Vulnerability Monitoring and Scanning (prevent, detect)
Vulnerability scanning identifies systems running vulnerable versions of Microsoft Edge, enabling remediation before exploitation of CVE-2025-21408.
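The RA-5 control above amounts to comparing each asset's installed Edge build against the affected range this record gives (≤ 133.0.3065.51). The following script is an added example, not code from the page or from Microsoft: it runs that comparison over a constructed asset inventory. The host names and every version string other than 133.0.3065.51 are made up for illustration; the page does not state a fixed version, so the check simply treats builds above the ceiling as outside the affected range, and builds whose version string cannot be parsed are reported separately for manual review rather than silently passed.

```python
"""Inventory check for CVE-2025-21408 affected Microsoft Edge builds.

Added example (not from the original record). Assumes an inventory of
dicts with "host", "product" and "version" keys; the inventory below is
constructed sample data.
"""
from __future__ import annotations

import re

# Affected ceiling as stated in the record's Affected Assets entry.
AFFECTED_MAX = "133.0.3065.51"

_VERSION_RE = re.compile(r"^\d+(\.\d+)*$")


def parse_version(text: str) -> tuple[int, ...]:
    """Turn a dotted numeric version into a tuple of ints; reject anything else."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def version_le(a: str, b: str) -> bool:
    """True if version a <= version b.

    Components are compared numerically (so 133.0.3065.69 > 133.0.3065.51)
    and a shorter version is padded with zeros (133.0.3065 == 133.0.3065.0).
    """
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    pa += (0,) * (width - len(pa))
    pb += (0,) * (width - len(pb))
    return pa <= pb


def is_affected(version: str) -> bool:
    """Affected if the build is at or below the record's ceiling."""
    return version_le(version, AFFECTED_MAX)


# Constructed sample inventory; host names and versions other than the
# page's ceiling are invented for the example.
SAMPLE_INVENTORY = [
    {"host": "ws-01", "product": "Microsoft Edge", "version": "133.0.3065.51"},
    {"host": "ws-02", "product": "Microsoft Edge", "version": "133.0.3065.69"},
    {"host": "ws-03", "product": "Microsoft Edge", "version": "132.0.2957.140"},
    {"host": "ws-04", "product": "Microsoft Edge", "version": "134.0.3124.51"},
    {"host": "ws-05", "product": "Google Chrome", "version": "120.0.6099.0"},
    {"host": "ws-06", "product": "Microsoft Edge", "version": "133.0.3065"},
    {"host": "ws-07", "product": "Microsoft Edge", "version": "n/a"},
]


def find_affected_hosts(inventory: list[dict]) -> dict[str, list[str]]:
    """Return {"affected": [...], "unknown": [...]} for Microsoft Edge assets.

    Hosts whose version string cannot be parsed land in "unknown" so they
    are reviewed instead of being treated as patched.
    """
    result: dict[str, list[str]] = {"affected": [], "unknown": []}
    for rec in inventory:
        if rec["product"] != "Microsoft Edge":
            continue  # other products are out of scope for this CVE
        try:
            if is_affected(rec["version"]):
                result["affected"].append(rec["host"])
        except ValueError:
            result["unknown"].append(rec["host"])
    return result


if __name__ == "__main__":
    report = find_affected_hosts(SAMPLE_INVENTORY)
    print("Affected by CVE-2025-21408:", ", ".join(report["affected"]) or "none")
    print("Needs manual version review:", ", ".join(report["unknown"]) or "none")
```

In a real deployment the inventory would come from the endpoint management or scanning platform's export; the comparison logic is the part that matters, since naive string comparison would misorder builds such as 133.0.3065.69 and 133.0.3065.51.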
