1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Google Chromium ANGLE and GPU Improper Input Validation Vulnerability

Known Exploited Vulnerabilities CVE-2025-6558

Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability exploitation_technique T1189 Drive-by Compromise
Comments
This vulnerability enables remote threat actors to escape the browser sandbox by leveraging a specially crafted HTML page.
References
  1. https://www.secpod.com/blog/joint-threat-to-safari-and-chrome-users-patch-cve-2025-6558-now/
  2. https://socprime.com/blog/cve-2025-6558-google-chrome-vulnerability/ https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html
CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability primary_impact T1497 Virtualization/Sandbox Evasion
Comments
This vulnerability enables remote threat actors to escape the browser sandbox by leveraging a specially crafted HTML page.
References
  1. https://www.secpod.com/blog/joint-threat-to-safari-and-chrome-users-patch-cve-2025-6558-now/
  2. https://socprime.com/blog/cve-2025-6558-google-chrome-vulnerability/ https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html
CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability exploitation_technique T1203 Exploitation for Client Execution
Comments
This vulnerability enables remote threat actors to escape the browser sandbox by leveraging a specially crafted HTML page.
References
  1. https://www.secpod.com/blog/joint-threat-to-safari-and-chrome-users-patch-cve-2025-6558-now/
  2. https://socprime.com/blog/cve-2025-6558-google-chrome-vulnerability/ https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html