Security News > 2022 > March > Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Mozilla has released an emergency update for its Firefox browser that addresses two critical security vulnerabilities that cybercriminals have actively exploited in the wild as zero days.
The first bug addressed by Mozilla, CVE-2022-26485, is a use-after-free problem in the browser's XSLT parameter processing.
"Removing an XSLT parameter during processing could have led to an exploitable use-after-free," according to Mozilla's advisory over the weekend.
"An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape," according to Mozilla.
The second is being used for sandbox escape, as noted by Mozilla.
"This sort of security hole can typically be abused on its own, or in combination with an RCE bug to allow implanted malware to escape from the security confines imposed by your browser, thus making an already bad situation even worse," Ducklin noted in a Saturday overview.
News URL
https://threatpost.com/firefox-zero-day-bugs-rce-sandbox-escape/178779/
Related news
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-26485 | Use After Free vulnerability in Mozilla products Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. | 8.8 |