Severity
Medium
Analysis Summary
CVE-2025-21408 CVSS:8.8
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21342 CVSS:8.8
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21283 CVSS:6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21253 CVSS:5.3
Microsoft Edge for IOS and Android Spoofing Vulnerability
CVE-2025-21177 CVSS:8.7
Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.
CVE-2025-21279 CVSS:6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21267 CVSS:4.4
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21404 CVSS:4.3
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Impact
- Gain Access
- Code Execution
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2025-21408
CVE-2025-21342
CVE-2025-21283
CVE-2025-21253
CVE-2025-21177
CVE-2025-21279
CVE-2025-21267
CVE-2025-21404
Affected Vendors
- Microsoft
Affected Products
- Microsoft Dynamics 365 Sales
- Microsoft Edge (Chromium-based) - 1.0.0
- Microsoft Edge for Android - 1.0.0
- Microsoft Edge for iOS - 1.0.0.0
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.