Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-2783 | Google Chromium Mojo Sandbox Escape Vulnerability | secondary_impact | T1497 | Virtualization/Sandbox Evasion |
Comments
This vulnerability allows attackers to escape Chrome’s sandbox through a Mojo IPC message crafted to trigger higher privilege. Exploitation has been reported as part of a cyber-espionage campaign.
References
|
| CVE-2025-2783 | Google Chromium Mojo Sandbox Escape Vulnerability | exploitation_technique | T1203 | Exploitation for Client Execution |
Comments
This vulnerability allows attackers to escape Chrome’s sandbox through a Mojo IPC message crafted to trigger higher privilege. Exploitation has been reported as part of a cyber-espionage campaign.
References
|
| CVE-2025-2783 | Google Chromium Mojo Sandbox Escape Vulnerability | primary_impact | T1548 | Abuse Elevation Control Mechanism |
Comments
This vulnerability allows attackers to escape Chrome’s sandbox through a Mojo IPC message crafted to trigger higher privilege. Exploitation has been reported as part of a cyber-espionage campaign.
References
|