Google and Apple have both issued patches for critical zero-day vulnerabilities in their respective web browsers, Chrome and Safari, which have been actively exploited in the wild. These vulnerabilities, tracked as CVE-2025-14174 and CVE-2025-43529, pose significant security risks due to their high CVSS scores of 8.8 and their exploitation prior to public disclosure.
CVE-2025-14174 affects Google Chrome, specifically targeting the ANGLE component on Mac systems. This flaw, categorized under CWE-787 and CWE-119, allows remote attackers to execute out-of-bounds memory access through crafted HTML pages. The vulnerability was exploited before its disclosure, with a time-to-exploit in the wild of -0.8 days, marking it as a zero-day. Google has addressed this issue in Chrome version 143.0.7499.110, and the vulnerability has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog as of December 12, 2025.
Similarly, CVE-2025-43529 impacts Apple Safari and several other Apple products, including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. This use-after-free vulnerability, identified as CWE-416, could lead to arbitrary code execution when processing malicious web content. Apple has released updates to mitigate this flaw in Safari 26.2, iOS 18.7.3, iPadOS 18.7.3, and other affected systems. The vulnerability was also exploited before its disclosure, with a time-to-exploit of -2.9 days, and was added to the KEV catalog on December 15, 2025.
Both vulnerabilities have been marked with a Security Severity Vulnerability Classification (SSVC) of 'attend,' indicating the need for immediate attention. Proof-of-concept exploits are available for both, with three for the Chrome vulnerability and eight for the Safari issue, underscoring the urgency for users to update their systems.
Security professionals are advised to prioritize patching these vulnerabilities to prevent potential exploitation. Users should ensure their browsers and operating systems are updated to the latest versions to mitigate these risks. Given the active exploitation and the availability of proof-of-concept exploits, organizations should also monitor for any suspicious activity that could indicate attempted exploitation of these vulnerabilities.
CSURFACE