CVE-2025-3067

HIGH8.8

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135

Published Apr 2, 2025

Modified 6 days ago

Fix available

Details

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)

Affected Packages

Google Chrome

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in:

135.0.7049.52

References

WEB

https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

WEB

https://issues.chromium.org/issues/376491759

WEB

https://taptrap.click