Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Category: <h2 class="cBlue inline m-r-10">Arti<span class="cOrange">cles</span></h2>

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Information:

  Google Chrome is a free, fast, and secure web browser developed by Google for accessing the internet and web-based applications on various devices, including desktop computers, smartphones, and tablets. Chrome currently has a large number of users.

Incident:

  Google has released an urgent security update for its Chrome browser to address two security flaws, including one critical vulnerability that is currently being actively exploited in the wild.

  The flaw is identified as CVE-2025-13223 (CVSS score: 8.8), which is a Type Confusion vulnerability in the V8 JavaScript and WebAssembly engine.

  The vulnerability could allow a remote attacker to exploit heap corruption via a crafted HTML page, potentially leading to arbitrary code execution or program crashes. The flaw was discovered and reported by Google’s Threat Analysis Group (TAG) on November 12, 2025.

  Google confirmed that an "exploit for CVE-2025-13223 exists in the wild." This marks the seventh actively exploited zero-day flaw patched in Chrome since the beginning of the year.

Recommendation:

  Users are strongly advised to update their Chrome browser immediately to versions 142.0.7444.175/.176 (for Windows), 142.0.7444.176 (for Apple macOS), and 142.0.7444.175 (for Linux).Users of other Chromium-based browsers (such as Microsoft Edge, Brave, Opera, and Vivaldi) should also apply the corresponding fixes as they become available.

The important things is Security systems. We must concern and monitor as usual.
For more information please contact
Email :sales@inetms.co.th
065 149 2822 (Ms.Suphatson )
063 204 4534 (Ms.Atsamaphorn)
065 929 6330 (Ms.Kansinee)
061 387 9439 (Ms.Sirilak)
092 257 6902 (Ms.Narusorn)
063 197 7510 (Mr.Yanotai)
065 725 7405 (Ms.Nattharini)

References:

-https://thehackernews.com/2025/11/google-issues-security-fix-for-actively.html

Weekly Interesting CVE

NO.

CVE Name

Published Date

Last Update

Device/Appplication/OS Target

Attack Type

CVSS
Severity Rating

Detail

Solution

Reference
1

CVE-2025-64446

14/11/2025

15/11/2025

Fortinet
Fortiweb
version

8.0.0 through 8.0.1,

7.6.0 through 7.6.4,
7.4.0 through 7.4.9,
 7.2.0 through 7.2.11,

 7.0.0 through 7.0.11

Path traversal

9.1

A relative path traversal vulnerability in Fortinet FortiWeb may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

Upgrade to 8.0.2,
Upgrade to 7.6.5,
Upgrade to 7.4.10,

Upgrade to 7.2.12,
Upgrade to 7.0.12 or above

 

https://fortiguard.fortinet.com/psirt/FG-IR-25-910
2

CVE-2025-21042

12/9/2025

12/11/2025

Samsung Galaxy
S22, S23, S24, Z Fold4, Z Flip4 prior SMR Apr-2025 Release in Android 13, 14, 15

Out-of-bounds write

8.8

A critical vulnerability affecting Samsung Galaxy mobile devices (including S22, S23, S24 series, and certain Z Fold/Flip models). It was actively exploited as a zero-day to deploy spyware.

Update to the SMR April 2025 security patch for Android 13/14/15.

https://app.opencve.io/cve/CVE-2025-21042
3

CVE-2025-64109

5/11/2025

6/11/2025

Cursor CLI Beta
prior 2025.09.17-25b418f version.

Os command injection

8.8

The vulnerability lies in the handling of the Model Context Protocol (MCP) server configuration file, .cursor/mcp.json, within a cloned repository. The application fails to properly neutralize special elements used in OS commands.

Update to version 2025.09.17‑25b418f or later.

https://app.opencve.io/cve/CVE-2025-64109
https://vuldb.com/?id.331231

 
 4

CVE-2025-13306

17/11/2025

17/11/2025

D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5

Command Injection

6.3

The affected component is the system function within the file /boafrm/formDebugDiagnosticRun. Manipulating the host argument can lead to Command Injection, which can be exploited remotely.

It has not been fixed yet.

https://app.opencve.io/cve/CVE-2025-13306
5

CVE-2025-65073

17/11/2025

17/11/2025

OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0

Authentication Bypass

7.5

There is a vulnerability that allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to be used to obtain authorization from Keystone.

Update Keystone to a fixed version:

26.0.1 or later (for stable/zed)
27.0.0 or later (for stable/2023.1)
28.0.0 or later (for stable/2024.1)

https://www.openwall.com/lists/oss-security/2025/11/17/6

Malware News or Campaign IOC/IOA | EN

No

Campaign Name

Detection Date

Attack

Type

  

Description

  

Mitigation/Remediation
1

New EDR-Freeze tool uses Windows WER to suspend security software

22/09/2025

Defense evasion

Palo Alto Networks’ Unit 42 discovered a sophisticated Android spyware called Landfall, which exploits a previously unknown (“zero-day”) vulnerability in Samsung’s image processing library (libimagecodec.quram.so). The CVE is CVE-2025-21042. SC Media+2Purple Ops+2The campaign has been active from mid-2024 (around July) and continued until early 2025, before Samsung issued a patch in April 2025. TechCrunch+1Attack vector: malicious .DNG (Digital Negative) image files sent over WhatsApp. These images contain a hidden ZIP archive with the spyware. When the image is processed, the exploit runs automatically.
  • Avoid clicking on suspicious links or downloading software from untrusted sources.
  • The organization conducts regular awareness training for all employees.

Ref:https://www.scworld.com/brief/novel-landfall-android-spyware-exploits-samsung-zero-day

25 November 2025

Viewed 215 time

Engine by shopup.com