8.8 CVE-2025-13631
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)
https://nvd.nist.gov/vuln/detail/CVE-2025-13631
Categories
CWE-NVD-noinfo
References
chrome-cve-admin@google.com
| https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-deskt... Release Notes Vendor Advisory |
| https://issues.chromium.org/issues/448113221 Issue Tracking Permissions Required |
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| AND | ||
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | < 143.0.7499.40 | |
| Running on/with | ||
| cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | ||
| Configuration 2 | ||
| AND | ||
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | < 143.0.7499.40 | |
| Running on/with | ||
| cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | ||
REMEDIATION
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
