Overview

CVE: CVE-2025-13223
Severity: Critical
Date: 19 November 2025

Google has released an urgent security update for Google Chrome, addressing a critical vulnerability that is being actively exploited in the wild. The issue, tracked as CVE-2025-13223, involves a memory corruption flaw in the V8 JavaScript engine, which can allow remote code execution when a victim views a malicious webpage.

Google has confirmed that an exploit for CVE-2025-13223 exists in the wild, and urges all users and organisations to update immediately. This affects Chrome across Windows, macOS and Linux, as well as any Chromium-based browsers pending upstream patches.

 

Affected Versions

  • Google Chrome for Windows, macOS and Linux prior to the emergency patch released 16 November 2025
  • Chromium-based browsers (Edge, Opera, Brave, Vivaldi) until each vendor publishes updated builds
  • Devices using enterprise-managed browser policies remain at risk until patches are deployed

 

Vulnerability Breakdown

CVE-2025-13223 – V8 Memory Corruption Leading to Remote Code Execution

  • Type: Memory corruption in V8
  • Severity: Critical
  • Impact: A malicious webpage can achieve remote code execution without user interaction
  • Exploitation: Confirmed active exploitation in the wild
  • Description: Incorrect handling of memory operations within V8 allows an attacker to execute arbitrary code in the context of the browser. Because an exploit is already available, targeted attacks may already be underway.

 

Mitigation

  • Update Google Chrome immediately to the latest version released on 16 November 2025
  • For enterprise environments, force an update via:
    • Google Admin Console
    • Intune or equivalent MDM
    • Chrome Enterprise policies
  • Apply patches to all Chromium-based browsers once available
  • Restart the browser after updating to complete mitigation
  • Consider temporarily restricting access to untrusted websites for high-risk user groups until validation is complete

 

Summary for IT Teams

Products: Google Chrome, Chromium-based browsers
Threat Level: Critical
Action Required:

  • Deploy the emergency Chrome update across all systems
  • Confirm Chromium-based browsers are patched as updates become available
  • Review browser auto-update policies to ensure updates are not paused or blocked
  • Monitor for unusual web-originated activity or signs of browser compromise
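One way to carry out the auto-update policy review listed above, as an added example that is not part of the original advisory. It assumes the Google Update group-policy value names used on Windows (under HKLM\SOFTWARE\Policies\Google\Update) have already been collected into a dictionary per host; the sample values are constructed.

```python
# Added example: flag Google Update policy values that pause, pin or block
# Chrome updates. Input is a dict of value name -> value as collected from
# HKLM\SOFTWARE\Policies\Google\Update (collection itself is out of scope).
CHROME_APP = "{8A69D345-D564-463C-AFF1-A69D9E530F96}"  # Chrome stable app GUID

# Update policy modes that stop automatic patching (1 and 3 still allow it).
BLOCKING_MODES = {0: "updates disabled", 2: "manual updates only"}


def audit_update_policy(values):
    """Return a list of (value_name, finding) for settings that delay patching."""
    findings = []
    # The per-app override takes precedence over the UpdateDefault fallback.
    name = "Update" + CHROME_APP
    if name not in values:
        name = "UpdateDefault"
    mode = values.get(name)
    if mode in BLOCKING_MODES:
        findings.append((name, BLOCKING_MODES[mode]))

    # A check period of 0 turns off periodic update checks entirely.
    if values.get("AutoUpdateCheckPeriodMinutes") == 0:
        findings.append(("AutoUpdateCheckPeriodMinutes", "update checks disabled"))

    # A target version prefix holds Chrome on an older release line.
    pin_name = "TargetVersionPrefix" + CHROME_APP
    if values.get(pin_name):
        findings.append((pin_name, f"version pinned to {values[pin_name]}"))

    # A daily suppression window delays an emergency update by up to its length.
    minutes = values.get("UpdatesSuppressedDurationMin", 0)
    if minutes > 0:
        start = values.get("UpdatesSuppressedStartHour", 0)
        findings.append(("UpdatesSuppressedDurationMin",
                         f"updates suppressed {minutes} min/day from {start:02d}:00"))
    return findings


# Constructed sample policy sets (not taken from any real host).
SAMPLE_BLOCKED = {
    "UpdateDefault": 1,
    "Update" + CHROME_APP: 0,
    "TargetVersionPrefix" + CHROME_APP: "100.",
    "UpdatesSuppressedStartHour": 8,
    "UpdatesSuppressedDurationMin": 600,
}
SAMPLE_CLEAN = {"UpdateDefault": 1, "AutoUpdateCheckPeriodMinutes": 240}

if __name__ == "__main__":
    for label, sample in (("blocked", SAMPLE_BLOCKED), ("clean", SAMPLE_CLEAN)):
        print(label, audit_update_policy(sample) or "no blocking policy found")
```

Hosts that return any finding will not pick up the emergency build on their own and need the policy corrected or the update pushed manually.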

 


Need Help?

If your organisation requires assistance identifying affected systems, enforcing browser updates or reviewing browser security policies, please contact our SOC team via soc@secure-iss.com.