Microsoft Edge Security Restriction Bypass Vulnerability

Release Date: 28 Mar 2025

RISK: High Risk

TYPE: Clients - Browsers

A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.

 

Note:

CVE-2025-2783 is being exploited in the wild, as part of a sophisticated APT attack, allowing attackers to exploit a logical error at the intersection of sandbox and the Windows operating system to bypass sandbox protections. Hence, the risk level is rated as High Risk.

---

Impact

• Security Restriction Bypass

---

System / Technologies affected

• Microsoft Edge Stable Channel version prior to 134.0.3124.93

---

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

• Update to Microsoft Edge Stable Channel version 134.0.3124.93 or later

---

Vulnerability Identifier

• CVE-2025-2783

---

Source

• Microsoft Edge

---

Related Link

• https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#march-26-2025
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2783