Description
Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape.
The original vulnerability was being exploited in the wild.
*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.
Published: 2025-03-27
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Sandbox escape leading to privilege escalation
Action: Patch
AI Analysis

Impact

The vulnerability stems from IPC code handling in Firefox, where a compromised child process can cause the parent to return an unintentionally powerful handle. This results in a sandbox escape, allowing the attacker to bypass the isolation guarantees of the sandbox and potentially execute code with elevated privileges. The flaw is classified as CWE-668.

Affected Systems

Mozilla Firefox installations running on Windows are affected. Firefox versions prior to 136.0.4, Firefox ESR versions prior to 128.8.1, and Firefox ESR versions prior to 115.21.1 contain the vulnerability. Other operating systems are not impacted.

Risk and Exploitability

The CVSS score of 10 indicates critical severity, while the EPSS score of less than 1% suggests a low likelihood of widespread exploitation at the current time. The original Chrome vulnerability (CVE-2025-2783) was being exploited in the wild; for this Firefox issue, the attack vector involves a compromised child process interacting with IPC mechanisms. The issue is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on April 20, 2026 at 18:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Firefox 136.0.4 or the latest ESR update (128.8.1 or 115.21.1).
  • Ensure no legacy Firefox versions are installed on Windows endpoints.
  • Monitor Mozilla security advisories for any additional updates or guidance.



Advisories
Source: EUVD
ID: EUVD-2025-8495
Title: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
History

Mon, 13 Apr 2026 15:00:00 +0000

Description, value removed: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
Description, value added: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.
Title, value removed: firefox: Firefox IPC sandbox escape on windows
Title, value added: Incorrect handle could lead to sandbox escapes

Fri, 31 Oct 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-668

Thu, 01 May 2025 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
Vendors & Products Mozilla
Mozilla firefox

Fri, 28 Mar 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 28 Mar 2025 14:00:00 +0000

Type Values Removed Values Added
Title firefox: Firefox IPC sandbox escape on windows
References

Thu, 27 Mar 2025 19:30:00 +0000

Description, value removed: Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
Description, value added: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
References

Thu, 27 Mar 2025 15:15:00 +0000

Description, value removed: Following the sanbdox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles into unpriviled child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
Description, value added: Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.

Thu, 27 Mar 2025 13:45:00 +0000

Type Values Removed Values Added
Description Following the sanbdox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles into unpriviled child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
References

MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:30:19.981Z

Reserved: 2025-03-27T10:54:42.071Z

Link: CVE-2025-2857

Vulnrichment

Updated: 2025-03-28T15:25:30.861Z

NVD

Status: Modified

Published: 2025-03-27T14:15:55.720

Modified: 2026-04-13T15:16:56.047

Link: CVE-2025-2857

Redhat

Severity:

Public Date: 2025-03-27T13:27:57Z

Links: CVE-2025-2857 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-20T18:30:13Z

Weaknesses