CVE-2025-21404

Опубликовано: 06 фев. 2025

Источник: msrc

CVSS3: 4.3

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Spoofing Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
133.0.3065.51	2/6/2025	133.0.6943.53/54

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 29%

0.00103

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-21404

CVSS3: 4.3

nvd

7 месяцев назад

Microsoft Edge (Chromium-based) Spoofing Vulnerability

GHSA-g6rc-7qwp-r256

CVSS3: 4.3

github

7 месяцев назад

Microsoft Edge (Chromium-based) Spoofing Vulnerability

BDU:2025-01857

CVSS3: 4.3

fstec

7 месяцев назад

Уязвимость браузера Microsoft Edge, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 29%

0.00103

Низкий

4.3 Medium

CVSS3