{"id":7164,"date":"2025-09-24T10:00:04","date_gmt":"2025-09-24T10:00:04","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/09\/24\/cisa-warns-of-google-chrome-0-day-vulnerability-exploited-in-attacks\/"},"modified":"2025-09-24T10:00:04","modified_gmt":"2025-09-24T10:00:04","slug":"cisa-warns-of-google-chrome-0-day-vulnerability-exploited-in-attacks","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/09\/24\/cisa-warns-of-google-chrome-0-day-vulnerability-exploited-in-attacks\/","title":{"rendered":"CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks"},"content":{"rendered":"

CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity zero-day vulnerability in Google Chrome that is being actively exploited in attacks.<\/p>\n

The vulnerability, tracked as CVE-2025-10585<\/a>, has been added to CISA\u2019s Known Exploited Vulnerabilities (KEV) catalog, signaling an urgent need for users and administrators to take action.<\/p>\n

Google has confirmed it is aware that an exploit for this flaw exists in the wild and has released security updates to address the threat.<\/p>\n

Understanding the V8 Type Confusion Flaw<\/strong><\/h2>\n

The vulnerability is a type confusion weakness within Chrome\u2019s V8 JavaScript and WebAssembly engine. A type confusion flaw (CWE-843) occurs when a program attempts to access a resource with an incompatible type, causing it to misinterpret the data.<\/p>\n

This can lead to memory corruption, which an attacker can leverage to crash the browser or, more critically, execute arbitrary code on the affected system.<\/p>\n

The flaw was discovered and reported by Google\u2019s own Threat Analysis Group (TAG) on September 16, 2025.<\/p>\n

While Google has not disclosed technical details about the specific attacks or the threat actors involved, this is a standard practice to prevent wider exploitation before users have a chance to apply the necessary patches.<\/p>\n

This marks the sixth Chrome zero-day vulnerability that has been actively exploited in 2025, highlighting a persistent trend of attackers targeting browser vulnerabilities.<\/p>\n

In 2025, Google addressed multiple zero-day vulnerabilities in its Chrome web browser that were actively exploited in the wild. These flaws required urgent updates to protect users from potential attacks.<\/p>\n

The table below details the Chrome zero-day vulnerabilities that have been discovered and patched throughout the year.<\/p>\n

\n\n\n\n\n\n\n\n\n\n\n
CVE ID<\/th>\nVulnerability Type<\/th>\nDescription<\/th>\nExploited in the Wild<\/th>\n<\/tr>\n<\/thead>\n
CVE-2025-10585<\/a><\/strong><\/td>\nType Confusion<\/td>\nA type confusion flaw in the V8 JavaScript engine that could be exploited via a malicious webpage.<\/td>\nYes<\/td>\n<\/tr>\n
CVE-2025-6558<\/a><\/strong><\/td>\nImproper Input Validation<\/td>\nInsufficient validation of untrusted input in the ANGLE and GPU components, allowing a remote attacker to perform a sandbox escape.<\/td>\nYes<\/td>\n<\/tr>\n
CVE-2025-6554<\/a><\/strong><\/td>\nType Confusion<\/td>\nA type confusion vulnerability in the V8 JavaScript and WebAssembly engine, which could allow an attacker to perform arbitrary read\/write operations.<\/td>\nYes<\/td>\n<\/tr>\n
CVE-2025-5419<\/a><\/strong><\/td>\nOut-of-Bounds Access<\/td>\nAn out-of-bounds read and write vulnerability in the V8 engine that could allow memory corruption by visiting a crafted webpage.<\/td>\nYes<\/td>\n<\/tr>\n
CVE-2025-2783<\/a><\/strong><\/td>\nSandbox Bypass<\/td>\nA critical vulnerability that allows for bypassing Chrome\u2019s sandbox protection.<\/td>\nYes<\/td>\n<\/tr>\n
CVE-2025-4664<\/a><\/strong><\/td>\nInsufficient policy enforcement<\/td>\nThis vulnerability was addressed by Google as a zero-day, but it is unclear if it was actively exploited in malicious attacks.<\/td>\nInsufficient validation of untrusted input in the ANGLE and GPU components allows a remote attacker to perform a sandbox escape.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n