Google Chrome Security Restriction Bypass Vulnerability

Release Date: 26 Mar 2025

RISK: High Risk

TYPE: Clients - Browsers

A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.

 

Note:

CVE-2025-2783 is being exploited in the wild, as part of a sophisticated APT attack, allowing attackers to exploit a logical error at the intersection of Google Chrome’s sandbox and the Windows operating system to bypass Chrome’s sandbox protections. Hence, the risk level is rated as High Risk.

---

Impact

• Security Restriction Bypass

---

System / Technologies affected

• Google Chrome prior to 134.0.6998.177/.178 (Windows)

---

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

• Update to version 134.0.6998.177/.178 (Windows) or later

---

Vulnerability Identifier

• CVE-2025-2783

---

Source

• Google Chrome

---

Related Link

• https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
• https://securelist.com/operation-forumtroll/115989/