=====================================================================

                            CERT-Renater

                Information Note No. 2025/VULN683
_____________________________________________________________________

DATE                : 09/10/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Prisma Browser versions prior to
                     141.6.4.55.

=====================================================================
https://security.paloaltonetworks.com/PAN-SA-2025-0016
_____________________________________________________________________


PAN-SA-2025-0016 Chromium: Monthly Vulnerability Update (October 2025)
Urgency MODERATE

Severity 6.1 · MEDIUM
Exploit Maturity UNREPORTED
Response Effort MODERATE
Recovery USER
Value Density DIFFUSE
Attack Vector NETWORK
Attack Complexity LOW
Attack Requirements NONE
Automatable NO
User Interaction ACTIVE
Product Confidentiality HIGH
Product Integrity HIGH
Product Availability HIGH
Privileges Required NONE
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE
Published 2025-10-08
Updated 2025-10-08
Discovered externally


Description

Palo Alto Networks incorporated the following Chromium security
fixes into our products:

    https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html
    https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html
    https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html


CVE             Summary

CVE-2025-9132   Out of bounds write in V8
CVE-2025-9478   Use after free in ANGLE
CVE-2025-9864   Use after free in V8
CVE-2025-9865   Inappropriate implementation in Toolbar
CVE-2025-9866   Inappropriate implementation in Extensions
CVE-2025-9867   Inappropriate implementation in Downloads
CVE-2025-10200  Use after free in Serviceworker
CVE-2025-10201  Inappropriate implementation in Mojo
CVE-2025-10500  Use after free in Dawn
CVE-2025-10501  Use after free in WebRTC
CVE-2025-10502  Heap buffer overflow in ANGLE
CVE-2025-10585  Type confusion in V8
CVE-2025-10890  Side-channel information leakage in V8
CVE-2025-10891  Integer overflow in V8
CVE-2025-10892  Integer overflow in V8


Product Status

Versions          Affected          Unaffected
Prisma Browser    < 139.18.2.139    >= 141.6.4.55


Required Configuration for Exposure

No special configuration is required to be affected by this issue.


Severity: MEDIUM, Suggested Urgency: MODERATE

CVSS-BT: 6.1 / CVSS-B: 8.6 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber)


Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation
of this issue.


Solution

CVE             Prisma Browser

CVE-2025-9132   139.18.2.139
CVE-2025-9478   139.23.4.155
CVE-2025-10200  140.14.7.133
CVE-2025-10201  140.14.7.133
CVE-2025-9864   140.14.7.133
CVE-2025-9865   140.14.7.133
CVE-2025-9866   140.14.7.133
CVE-2025-9867   140.14.7.133
CVE-2025-10500  141.6.4.55
CVE-2025-10501  141.6.4.55
CVE-2025-10502  141.6.4.55
CVE-2025-10585  141.6.4.55
CVE-2025-10890  141.6.4.55
CVE-2025-10891  141.6.4.55
CVE-2025-10892  141.6.4.55


Workarounds and Mitigations

No workaround or mitigation is available.


CPE Applicability

    cpe:2.3:a:palo_alto_networks:prisma_browser:*:*:*:*:*:*:*:*
    is vulnerable from (including) 139.18.2.139 and up to
    (excluding) 141.6.4.55


Timeline

2025-10-08      Initial publication

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




