Mozilla has recently released updates to address a critical security vulnerability in its Firefox browser for Windows, just days after Google patched a similar flaw in Chrome that was actively being exploited as a zero-day.
This security vulnerability, identified as CVE-2025-2857, is described as an instance of an incorrect handle that could potentially lead to a sandbox escape.
Following the discovery of the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in their inter-process communication (IPC) code, according to Mozilla’s advisory.
A compromised child process could potentially cause the parent process to return an unintentionally powerful handle, which would ultimately lead to a sandbox escape.
The issue affects both Firefox and Firefox ESR and has been addressed in the latest versions: Firefox 136.0.4, Firefox ESR 115.21.1, and Firefox ESR 128.8.1. It’s worth noting that there is currently no evidence to suggest that CVE-2025-2857 has been exploited in the wild.
This development follows closely on the heels of Google’s release of Chrome version 134.0.6998.177/.178 for Windows to fix CVE-2025-2783, a vulnerability that has been actively exploited in attacks targeting media outlets, educational institutions, and government organizations in Russia.
According to Kaspersky, which detected the activity in mid-March 2025, the infection occurred when unspecified victims clicked on a specially crafted link in phishing emails, and the attacker-controlled website was subsequently opened using Chrome.
CVE-2025-2783 was reportedly chained together with another unknown exploit in the web browser to break out of the sandbox and achieve remote code execution. However, patching this bug effectively blocks the entire attack chain.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, mandating that federal agencies apply the necessary mitigations by April 17, 2025.
Users are strongly advised to update their browser instances to the latest versions to safeguard against potential risks.
