CVE-2025-3067
HIGHDescription
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)
Is your site exposed to CVE-2025-3067?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| chrome | |
| android |
References
Frequently Asked Questions
What is CVE-2025-3067? +
How severe is CVE-2025-3067? +
What products are affected by CVE-2025-3067? +
How do I check if I'm vulnerable to CVE-2025-3067? +
Related Vulnerabilities
In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead …
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code …
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of …
Google Nest WiFi Pro root code-execution & user-data compromise
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default …
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and …