CVE-2025-6558 is a Google Chrome vulnerability allowing sandbox escape via crafted HTML pages. While actively exploited and on CISA KEV, it requires user interaction to visit malicious websites, making it unsuitable for T1190 direct network exploitation.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: USER_INTERACTION
CVE Published: 2025-07-15
Added to CISA KEV: 2025-07-22 7 DAYS BETWEEN CVE AND KEV
CVE-2025-6558 is a critical zero-day vulnerability that primarily affects web browsers such as Google Chrome and Apple Safari [1][2]. It stems from improper input validation in Chromium's ANGLE and GPU components [3][4]. This allows for remote exploitation through crafted HTML pages, potentially leading to a sandbox escape [5][1]. The vulnerability has been actively exploited in the wild and has been added to CISA's Known Exploited Vulnerabilities Catalog [6][7].
Here's a breakdown of the details:
The vulnerability, tracked as CVE-2025-6558 (CVSS score: 8.8), is an incorrect validation of untrusted input in the browser's ANGLE and GPU components that could result in a sandbox escape via a crafted HTML page.
CVE-2025-6558 is a Chrome zero-day exploited via ANGLE GPU input flaw. Learn how the attack works, who's at risk, and how to secure your browser.
The CVE-2025-6558 vulnerability stems from incorrect validation of untrusted input in ANGLE and GPU components.Given the active exploitation of CVE-2025-6558, delaying this update could expose users to significant security risks.
A newly discovered vulnerability, tracked as CVE-2025-6558, affecting Chromeβs ANGLE and GPU components, has been actively exploited in the wild.Attack Patterns and Social Engineering Methods. Technical Impact of Backup Compromise. Defensive Strategies.
Understand the critical aspects of CVE-2025-6558 with a detailed vulnerability assessment, exploitation potential, affected technologies, and remediation guidance.