How to fix CVE-2025-13631?

Within 24 hours: Issue mandatory user notification directing all macOS users to immediately upgrade Chrome to version 143.0.7499.41 or later; disable Chrome auto-update if it has not auto-patched. Within 7 days: Verify patch deployment across all endpoints via MDM/asset inventory; audit logs for suspicious updater activity. Within 30 days: Conduct security awareness training on file handling risks; review Chrome security policies for enterprise deployments.

Is Ubuntu affected by CVE-2025-13631?

A high-severity privilege escalation vulnerability in Google Chrome on macOS could allow attackers to gain elevated system access through a malicious file.

CVE-2025-13631

EUVD-2025-200308 HIGH

2025-12-02 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch Released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200308

CVE Published

Dec 02, 2025 - 19:15 nvd

HIGH 8.8

Description

Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)

Analysis

Technical Context

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized.

Affected Products

Affected products: Google Chrome

Remediation

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +44

POC: 0

Vendor Status

Ubuntu

Priority: Medium

chromium-browser

Release	Status	Version
jammy	not-affected	code not present
noble	not-affected	code not present
plucky	not-affected	code not present
questing	not-affected	code not present
upstream	released	-

Debian

chromium

Release	Status	Fixed Version	Urgency
bullseye (security), bullseye	vulnerable	120.0.6099.224-1~deb11u1	-
bookworm	fixed	143.0.7499.40-1~deb12u1	-
bookworm (security)	fixed	146.0.7680.71-1~deb12u1	-
trixie	fixed	143.0.7499.40-1~deb13u1	-
trixie (security)	fixed	146.0.7680.71-1~deb13u1	-
forky	fixed	146.0.7680.71-1	-
sid	fixed	146.0.7680.80-1	-
bullseye	fixed	(unfixed)	end-of-life
(unstable)	fixed	143.0.7499.40-1	-

DSA-6072-1

CVE-2025-13631 vulnerability details – vuln.today

Back

CVE-2025-13631

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

CVE-2025-13631

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

External POC / Exploit Code