CVE-2025-2857
published 2025-03-27CVE-2025-2857: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child…
critical10CVSS 3.1
AVNACLPRNUINSCCHIHAH
Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape.
The original vulnerability was being exploited in the wild.
*This only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| debian | firefox-esr | — | — |
| mozilla | firefox | < 136.0.4 | 136.0.4 |
| mozilla | firefox | < 115.21.1 | 115.21.1 |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 128.1.0 < 128.8.1 | 128.8.1 |
CVSS provenance
nvdv3.110.0CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
vulncheck8.3HIGH