CVE-2025-1566

EPSS 0.03%
Published 16.04.2025 23:06:27
Last modified 08.07.2025 18:08:30
Source 7f6e188d-c52a-4a19-8674-3c3fa7
Teams watchlist Login
Open Login

DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Google ≫ Chrome Os Version16002.23.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.051

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1319 Improper Protection against Electromagnetic Fault Injection (EM-FI)

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

https://issuetracker.google.com/issues/342802975

Mailing List

Issue Tracking

https://issues.chromium.org/issues/b/342802975

Broken Link

https://nvd.nist.gov/vuln/detail/CVE-2025-1566

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-1566

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-1566

EUVD