⚠ Actively exploited

Added to CISA KEV on 2025-03-27. Federal agencies required to patch by 2025-04-17. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..

CVE-2025-2783 — Resource Exposure in Google Chrome

CWE-668 — Resource Exposure42 documents21 sources

Severity

10.0CRITICALNVD

NVD8.3CNA8.3GHSA8.3OSV8.3VulnCheck8.3CISA8.3

EPSS

39.5%

top 2.69%

CISA KEV

KEV

Added 2025-03-27

Due 2025-04-17

Exploit

PoC available

Public exploit / PoC exists

Affected products

Google Chrome Mozilla Firefox Paloalto Prisma Access +1 more

Timeline

PublishedMar 26

KEV addedMar 27

KEV dueApr 17

Latest updateMar 5

CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 1.6 | Impact: 6.0

Affected Packages5 packages

▶CVEListV5google/chrome134.0.6998.177 — 134.0.6998.177

▶NVDgoogle/chrome< 134.0.6998.177

▶NVDmozilla/firefox128.1.0 — 128.8.1+2

▶Palo Altopaloalto/prisma_access

▶Palo Altopaloalto/prisma_browser

🔴Vulnerability Details

GHSA

CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows↗2025-04-12

▶

OSV

CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows↗2025-04-12

▶

CVEList

Incorrect handle could lead to sandbox escapes↗2025-03-27

▶

GHSA

GHSA-h8g5-2596-xjh9: Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code↗2025-03-27

▶

GHSA

GHSA-hfqm-jfc6-rh2f: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134↗2025-03-26

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape↗2025-08-11

▶

📋Vendor Advisories

CISA ICS

Siemens COMOS↗2026-02-12

▶

Palo Alto

PAN-SA-2025-0008 Chromium and Prisma Browser: Monthly Vulnerability Update (April 2025)↗2025-04-09

▶

CISA

Google Chromium Mojo Sandbox Escape Vulnerability↗2025-03-27

▶

Red Hat

firefox: Firefox IPC sandbox escape on windows↗2025-03-27

▶

Red Hat

mojo: chromium: chromium Mojo on Windows↗2025-03-25

▶

🕵️Threat Intelligence

Mandiant

Look What You Made Us Patch: 2025 Zero-Days in Review↗2026-03-05

▶

Mandiant

Look What You Made Us Patch: 2025 Zero-Days in Review↗2026-03-05

▶

Securelist

Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports↗2025-12-17

▶

Securelist

A new campaign by the ForumTroll APT group↗2025-12-17

▶

Bleepingcomputer

Google fixes eighth Chrome zero-day exploited in attacks in 2025↗2025-12-11

▶

💬Community

Bugzilla

Investigate Windows Chromium pseudo handle issue↗2025-03-26

▶