CVE-2025-47967

CWE-3574 documents4 sources

Severity

4.7MEDIUM

EPSS

0.1%

top 78.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Microsoft Edge (chromium-based)Microsoft Edge

Timeline

PublishedSep 16

Description

Insufficient ui warning of dangerous operations in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶NVDmicrosoft/edge< 140.0.3485.71

▶CVEListV5microsoft/microsoft_edge_(chromium-based)1.0.0.0 — 140.0.3485.71

🔴Vulnerability Details

CVEList

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability↗2025-09-16

▶

GHSA

GHSA-w837-7f8r-vf6m: Insufficient ui warning of dangerous operations in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network↗2025-09-16

▶

📋Vendor Advisories

Microsoft

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability↗2025-09-09

▶