Feb 2025: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21283 Published on February 6, 2025
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Weakness Type
Insufficient Granularity of Address Regions Protected by Register Locks
The product defines a large address region protected from modification by the same register lock control bit. This results in a conflict between the functional requirement that some addresses need to be writable by software during operation and the security requirement that the system configuration lock bit must be set during the boot process.
Products Associated with CVE-2025-21283
stack.watch emails you whenever new vulnerabilities are published in Microsoft Edge Chromium or Microsoft Edge Browser. Just hit a watch button to start following.
Affected Versions
Microsoft Edge (Chromium-based):- Version 1.0.0.0 and below 133.0.3065.51 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.