The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently taken a significant step in cybersecurity by adding a Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. This move comes in response to the discovery of a sandbox escape vulnerability, identified as CVE-2025-2783, which has been actively exploited in attacks targeting organizations in Russia.
The vulnerability, which involves an incorrect handle provided in unspecified circumstances in Mojo on Windows, was reported by Kaspersky researchers Boris Larin and Igor Kuznetsov on March 20, 2025. Mojo, Google’s IPC library for Chromium-based browsers, is responsible for managing sandboxed processes for secure communication. While it enhances Chrome’s security on Windows, past vulnerabilities have enabled sandbox escapes and privilege escalation.
Google has already released out-of-band fixes to address the high-severity security vulnerability in the Chrome browser for Windows. The company has confirmed that the flaw was actively exploited in attacks and has urged users to update to the latest version of Chrome to mitigate the risk. However, Google has not disclosed specific details about the attacks or the threat actors behind them.
In response to the discovery of this vulnerability, CISA has directed federal agencies to address the issue by April 17, 2025, in accordance with Binding Operational Directive (BOD) 22-01. The directive requires FCEB agencies to fortify their networks against potential attacks exploiting known vulnerabilities listed in the catalog.
Private organizations are also advised to review the Known Exploited Vulnerabilities catalog and take necessary steps to secure their infrastructure. By promptly addressing the identified vulnerabilities, both government and private entities can enhance their cybersecurity posture and safeguard against potential threats.
Overall, the addition of the Google Chromium Mojo flaw to the Known Exploited Vulnerabilities catalog underscores the ongoing challenges in the cybersecurity landscape. With cyber threats becoming increasingly sophisticated, it is crucial for organizations to remain vigilant and proactive in addressing vulnerabilities to mitigate risks and protect sensitive data.
For more updates on cybersecurity news and developments, follow Security Affairs on Twitter, Facebook, and Mastodon, and stay informed about the latest trends in information security.