CVE-2025-21253

Опубликовано: 06 фев. 2025

Источник: msrc

CVSS3: 5.3

EPSS Низкий

Описание

Microsoft Edge for IOS and Android Spoofing Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
133.0.3065.51	2/6/2025	133.0.6943.53/54

According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L) but have no effect on integrity (I:N) or on availability (A:N). What does that mean for this vulnerability?

An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 67%

0.00544

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-21253

CVSS3: 5.3

nvd

10 месяцев назад

Microsoft Edge for IOS and Android Spoofing Vulnerability

GHSA-46w9-wr67-cf43

CVSS3: 5.3

github

10 месяцев назад

Microsoft Edge for IOS and Android Spoofing Vulnerability

BDU:2025-01634

CVSS3: 5.3

fstec

10 месяцев назад

Уязвимость браузера Microsoft Edge, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 67%

0.00544

Низкий

5.3 Medium

CVSS3