CVE-2025-53791Improper Access Control in Microsoft Edge

CWE-284Improper Access Control4 documents4 sources
Severity
4.7MEDIUMNVD
EPSS
0.1%
top 81.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft EdgeMicrosoft Edge Chromium
Timeline
PublishedSep 5
Latest updateSep 9

Description

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 1.6 | Impact: 2.7

Affected Packages2 packages

NVDmicrosoft/edge_chromium< 140.0.3485.54
CVEListV5microsoft/microsoft_edge1.0.0.0140.0.3485.54

🔴Vulnerability Details

2
CVEList
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability2025-09-05
GHSA
GHSA-xmmg-3xcm-7hc7: Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network2025-09-05

📋Vendor Advisories

1
Microsoft
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability2025-09-09