Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-6558 | Google Chromium ANGLE and GPU Improper Input Validation Vulnerability | exploitation_technique | T1189 | Drive-by Compromise |
Comments
This vulnerability enables remote threat actors to escape the browser sandbox by leveraging a specially crafted HTML page.
References
|
| CVE-2025-6558 | Google Chromium ANGLE and GPU Improper Input Validation Vulnerability | primary_impact | T1497 | Virtualization/Sandbox Evasion |
Comments
This vulnerability enables remote threat actors to escape the browser sandbox by leveraging a specially crafted HTML page.
References
|
| CVE-2025-6558 | Google Chromium ANGLE and GPU Improper Input Validation Vulnerability | exploitation_technique | T1203 | Exploitation for Client Execution |
Comments
This vulnerability enables remote threat actors to escape the browser sandbox by leveraging a specially crafted HTML page.
References
|