CVE-2025-2783
Published: 26 March 2025
Summary
CVE-2025-2783 is a high-severity vulnerability in Google Chrome; its weakness class is unspecified. Its CVSS base score is 8.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks in the top 2.3% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-3 (Malicious Code Protection).
Deeper analysis
CVE-2025-2783 is an incorrect handle issue in the Mojo component of Google Chrome on Windows in versions prior to 134.0.6998.177. The flaw permits a sandbox escape when a malicious file is processed under unspecified circumstances. Its CVSS 3.1 score of 8.3 reflects a network attack vector, high complexity, required user interaction, and full impact across confidentiality, integrity, and availability once the sandbox boundary is crossed.
A remote attacker can exploit the vulnerability by supplying a crafted file that the victim must open in an affected Chrome instance. Successful exploitation yields a sandbox escape, allowing code execution outside Chrome's security sandbox with the potential to affect the underlying Windows system at a high impact level.
The referenced Google Chrome stable channel update for desktop dated 25 March 2025 upgrades the browser to version 134.0.6998.177 to address the issue. The vulnerability is also catalogued in CISA's Known Exploited Vulnerabilities list, confirming that mitigation through patching is required for affected Windows deployments.
The EPSS score rose from lower values to a peak of 0.5010 on 18 February 2026 before receding to the current 0.4686, indicating that exploitation interest increased after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-8225
Vulnerability details
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
- CWE(s)
- KEV Date Added: 27 March 2025
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a sandbox escape vulnerability in Chrome (client application) triggered by a malicious file, directly enabling exploitation for client execution (T1203) to run code outside the sandbox and exploitation for privilege escalation (T1068) to achieve system-level access with high impact.
Mitigating Controls (NIST 800-53 r5)
Requires timely remediation of the specific sandbox escape flaw in Chrome via patching to version 134.0.6998.177 or later, as listed in the CISA KEV catalog.
Deploys anti-malware tools to scan, block, and remove malicious files exploiting the Mojo handle vulnerability for sandbox escape.
Enforces process isolation to contain sandbox escapes from incorrect Mojo handles and limit post-escape privileges.