Detections
Analytics
Microsoft Edge (Chromium) < 142.0.3595.53 Multiple Vulnerabilities
medium Nessus Plugin ID 272126
Language:
Synopsis
The remote host has an web browser installed that is affected by multiple vulnerabilities.Description
The version of Microsoft Edge installed on the remote Windows host is prior to 142.0.3595.53. It is, therefore, affected by multiple vulnerabilities as referenced in the October 31, 2025 advisory.- Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. (CVE-2025-60711)
- Inappropriate implementation in V8. (CVE-2025-12036, CVE-2025-12429, CVE-2025-12433)
- Type Confusion in V8. (CVE-2025-12428)
- Object lifecycle issue in Media. (CVE-2025-12430)
- Inappropriate implementation in Extensions. (CVE-2025-12431)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Microsoft Edge version 142.0.3595.53 or later.See Also
http://www.nessus.org/u?9df0759c
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12036
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12428
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12429
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12430
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12431
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12432
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12433
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12434
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12435
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12436
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12437
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12438
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12439
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12440
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12441
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12443
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12444
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12445
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12446
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12447
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60711
Plugin Details
Severity: Medium
ID: 272126
File Name: microsoft_edge_chromium_142_0_3595_53.nasl
Version: 1.1
Type: local
Agent: windows
Family: Windows
Published: 10/31/2025
Updated: 10/31/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2025-60711
CVSS v3
Risk Factor: Medium
Base Score: 6.3
Temporal Score: 5.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:microsoft:edge
Required KB Items: SMB/Registry/Enumerated, installed_sw/Microsoft Edge (Chromium)
Exploit Ease: No known exploits are available
Patch Publication Date: 10/31/2025
Vulnerability Publication Date: 10/23/2025
Reference Information
CVE: CVE-2025-12036, CVE-2025-12428, CVE-2025-12429, CVE-2025-12430, CVE-2025-12431, CVE-2025-12432, CVE-2025-12433, CVE-2025-12434, CVE-2025-12435, CVE-2025-12436, CVE-2025-12437, CVE-2025-12438, CVE-2025-12439, CVE-2025-12440, CVE-2025-12441, CVE-2025-12443, CVE-2025-12444, CVE-2025-12445, CVE-2025-12446, CVE-2025-12447, CVE-2025-60711