menu
techminis

A naukri.com initiative

google-web-stories
source image

Securityaffairs

3d

read

115

img
dot

Image Credit: Securityaffairs

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783, to its Known Exploited Vulnerabilities (KEV) catalog.
  • Google released out-of-band fixes for a high-severity security vulnerability (CVE-2025-2783) in Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia.
  • The vulnerability involves an incorrect handle provided in unspecified circumstances in Mojo on Windows, potentially enabling sandbox escapes and privilege escalation.
  • CISA has ordered federal agencies to address this vulnerability by April 17, 2025, and private organizations are recommended to review the Catalog and address the vulnerabilities in their infrastructure.

Read Full Article

like

6 Likes

For uninterrupted reading, download the app