🟢 CVE-2025-6554

CVE-2025-6554 is a type confusion vulnerability in Google Chrome's V8 JavaScript engine that allows arbitrary read/write via crafted HTML pages. While actively exploited and on CISA KEV, it requires user interaction and affects client-side browser software, not internet-facing server applications.

โ† Back to Overview
Risk Level: LOW_RISK

CVSS Score: 8.1

Attack Vector: NETWORK

ATT&CK Tactic: Initial Access

ATT&CK Technique: T1189 - Drive-by Compromise

Deployment Risk: VERY_LOW

Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: USER_INTERACTION

CVE Published: 2025-06-30

Added to CISA KEV: 2025-07-02 (2 days between CVE and KEV)

🎯 Recommendations:

๐Ÿ” Web Intelligence (Kagi ยท 2025-09-06)

CVE-2025-6554 is a critical zero-day vulnerability affecting Google Chrome and other Chromium-based browsers [1][2]. Here's what is known about its exploitation:

  • Affected Applications: The vulnerability affects Google Chrome and other Chromium-based browsers [1][2].
  • Internet-facing: Successful exploitation could allow for arbitrary code execution in the context of the logged-on user [3]. The vulnerability can be triggered by simply opening a crafted HTML page, making it easily exploitable over the internet [4][5].
  • Active Exploitation: CVE-2025-6554 has been actively exploited in the wild [6][7]. Google has released security patches to address the vulnerability due to the availability of exploits [7].
  • Attack Vectors and Exploitation Methods: The vulnerability is a type confusion issue in the V8 JavaScript engine [4][5]. A remote attacker can perform arbitrary read/write operations by processing a specially crafted HTML page, leading to arbitrary code execution [4][5].
  • Targeted Attacks: The flaw has been actively exploited in attacks targeting organizations in Russia [7][8].
  • CISA Known Exploited Vulnerabilities (KEV) Status: CISA has added CVE-2025-6554 to its Known Exploited Vulnerabilities Catalog, indicating that it has been actively exploited [9][5]. Federal Civilian Executive Branch (FCEB) agencies have been advised to address the vulnerability urgently [9].
  • Technical Details: CVE-2025-6554 is a type confusion vulnerability in the V8 JavaScript engine [4][5]. This allows a remote attacker to perform arbitrary read/write operations via a crafted HTML page [4][5]. Exploitation depends on attack complexity and the privileges required by the attacker [10].

Sources

  1. CVE-2025-6554 Impact, Exploitability, and Mitigation Steps | Wiz

    A high-severity zero-day vulnerability identified as CVE-2025-6554 was discovered in Google Chrome's V8 JavaScript and WebAssembly engine.

  2. Chrome V8 Zero-Day: CVE-2025-6554 Actively Exploited

    CVE-2025-6554 is a critical V8 Zero-Day vulnerability actively exploited in Chrome v138 and earlier, allowing remote code execution via ...

  3. A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution

    CISA has added CVE-2025-6554 to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

  4. CVE-2025-6554 - Red Hat Customer Portal

    This allows an attacker to potentially manipulate memory contents. The exploitation vector involves the processing of malicious HTML content.

  5. CVE-2025-6554 details - NVD

    Description. Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.