CVE-2025-2857

Critical

Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A…

mozilla·NVD-CWE-noinfo·Published 2025-03-27

CVSS

10.0

EPSS

0.02

KEV

Exploits

cve.orgen

505 chars

Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.

NVDen

505 chars

NVDes

572 chars

Tras la reciente fuga de la sandbox de Chrome (CVE-2025-2783), varios desarrolladores de Firefox identificaron un patrón similar en nuestro código IPC. Un proceso secundario comprometido podía provocar que el proceso principal devolviera un identificador involuntariamente potente, lo que provocaba una fuga de la sandbox. La vulnerabilidad original se estaba explotando in situ. *Esto solo afecta a Firefox en Windows. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Firefox < 136.0.4, Firefox ESR < 128.8.1 y Firefox ESR < 115.21.1.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	10.0	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
3.1	Primary	cve.org	10.0	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
3.1	Secondary	NVD	10.0	3.9	6.0	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H