CVE-2025-21262

Published Jan 24, 2025

Last updated 15 days ago

CVSS medium 5.4

Overview

Description
User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
5.4
Impact score
2.5
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

secure@microsoft.com
CWE-451
nvd@nist.gov
NVD-CWE-Other

Social media

Hype score
Not currently trending

  1. 🟠 #Microsoft Edge (Chromium-based), UI Misrepresentation Vulnerability #CVE-2025-21262 (Medium) https://t.co/4wpPVPqBWA

    @dailycve

    7 Feb 2025

    30 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Microsoft Edge, 1 faille critique de Sécurité permet un contournement des politiques de sécurité du navigateur. Bulletin de sécurité Microsoft Edge CVE-2025-21262 (24 janvier 2025). https://t.co/s2AU4WVrXd #.Contournement de Politique Sécurité #.Correctif #.Faille #CERT

    @NicolasCoolman

    29 Jan 2025

    22 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-21262 Microsoft Edge (Chromium-based) Spoofing Vulnerability https://t.co/i8F5EwAQcT

    @CVEnew

    24 Jan 2025

    562 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations

References