Scribd
Upload
9 views2 pages

CERT-In Vulnerability Notes

CERT-In has issued a vulnerability note (CIVN-2025-0024) regarding multiple high-severity vulnerabilities in Google Chrome for Desktop, affecting versions prior to 133.0.6943.98/.99 for Windows and Mac, and prior to 133.0.6943.98 for Linux. These vulnerabilities could allow remote attackers to execute arbitrary code by persuading users to visit malicious web pages, potentially leading to sensitive information disclosure or system instability. Users are advised to apply the necessary updates as outlined by the vendor.

Uploaded by

swati.bhardwaj8nov
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views2 pages

CERT-In Vulnerability Notes

CERT-In has issued a vulnerability note (CIVN-2025-0024) regarding multiple high-severity vulnerabilities in Google Chrome for Desktop, affecting versions prior to 133.0.6943.98/.99 for Windows and Mac, and prior to 133.0.6943.98 for Linux. These vulnerabilities could allow remote attackers to execute arbitrary code by persuading users to visit malicious web pages, potentially leading to sensitive information disclosure or system instability. Users are advised to apply the necessary updates as outlined by the vendor.

Uploaded by

swati.bhardwaj8nov
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

2/20/25, 12:09 PM CERT-In Vulnerability Notes

CERT-In Vulnerability Note CIVN-2025-0024


Multiple Vulnerabilities in Google Chrome for Desktop

Original Issue Date:February 17, 2025

Severity Rating: HIGH

Software Affected

Google Chrome versions prior to 133.0.6943.98/.99 for Window and Mac


Google Chrome versions prior to 133.0.6943.98 for Linux

Overview

Multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code on
the targeted system.

Target Audience:
All end-user organizations and individuals using Google Chrome for Desktop.

Impact Assessment:
Potential for sensitive information disclosure or system instability.

Description

Google Chrome is a popular internet browser that is used for accessing the information available on worldwide web. It is
designed for use on desktop computers, such as those running on windows, macOS, or Linux operating system.

Multiple vulnerabilities exists in Google Chrome due to Use after free in V8 and Navigation; Inappropriate implementation in
Browser UI & Out of bounds memory access in V8. A remote attacker could exploit these vulnerabilities by persuading a victim
to visit a specially crafted web page.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the targeted system.

Solution

Apply appropriate updates as mentioned by the vendor


https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html

Vendor Information

Google Chrome
https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html

References

Google Chrome
https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html

CVE Name
CVE-2025-0995
CVE-2025-0996
CVE-2025-0997
CVE-2025-0998

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Email: info@cert-in.org.in
Phone: +91-11-22902657

Postal address

Indian Computer Emergency Response Team (CERT-In)


Ministry of Electronics and Information Technology
about:blank 1/2
2/20/25, 12:09 PM CERT-In Vulnerability Notes
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India

about:blank 2/2

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy