Security News > 2022 > March > Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Mozilla has released an emergency update for its Firefox browser that addresses two critical security vulnerabilities that cybercriminals have actively exploited in the wild as zero days.
The first bug addressed by Mozilla, CVE-2022-26485, is a use-after-free problem in the browser's XSLT parameter processing.
"Removing an XSLT parameter during processing could have led to an exploitable use-after-free," according to Mozilla's advisory over the weekend.
"An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape," according to Mozilla.
The second is being used for sandbox escape, as noted by Mozilla.
"This sort of security hole can typically be abused on its own, or in combination with an RCE bug to allow implanted malware to escape from the security confines imposed by your browser, thus making an already bad situation even worse," Ducklin noted in a Saturday overview.
News URL
https://threatpost.com/firefox-zero-day-bugs-rce-sandbox-escape/178779/
Related news
- New Cleo zero-day RCE flaw exploited in data theft attacks (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- Critical zero-days impact premium WordPress real estate plugins (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-26485 | Use After Free vulnerability in Mozilla products Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. | 8.8 |