CVE-2025-12729 - Chrome Omnibox UI Spoofing on Android
Category:Vulnerabilities & Exploits
CVE-2025-12729 affects Chrome on Android before 142.0.7444.137, allowing crafted pages to spoof Omnibox URLs and mislead users (T1204, T1566). Attackers can fake domain identities, boosting phishing success. Chrome 142 patches CVE-2025-12729 along with multiple related bugs.
CORTEX Protocol Intelligence Assessment
Business Impact: Raises phishing success by undermining visual trust cues. Technical Context: Logic flaw in Chrome Omnibox enabling UI spoofing (T1204, T1566).
Strategic Intelligence Guidance
- Update Chrome to version 142+.
- Deploy MDM enforcement for browser updates.
- Promote phishing-resistant authentication.
- Educate users on Omnibox spoofing risks.
CVEs
Vendors
Threats
Targets
Intelligence Source: CVE-2025-12729 - Chrome Omnibox UI Spoofing on Android | Nov 11, 2025