CRITICAL🇵🇱 Wersja polska

CVE-2025-13023

CVSS 9.8v3.1pub. 2025-11-11upd. 2026-04-13

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145.

🤖 AI Analysis
How it works

The vulnerability results from incorrectly defined boundary conditions in the WebGPU handling component in the Firefox graphics layer. The sandbox mechanism is designed to isolate browser processes from the operating system, however, incorrect boundary verification allows it to be bypassed. An attacker can provide specially crafted WebGPU content that will compromise the isolation logic and escape the sandbox. Due to the network vector (AV:N) and lack of requirements for authentication or user interaction (PR:N, UI:N), the attack can be conducted remotely.

Impact

Successful exploitation of the vulnerability allows an attacker to escape the browser sandbox, which may lead to gaining full control over the victim's system – including confidentiality, integrity, and availability of data (CVSS C:H/I:H/A:H).

Mitigation & patch

Mozilla Firefox should be updated to version 145 or later, and Mozilla Thunderbird to version 145 or later. Patches are available directly from the vendor according to published security advisories MFSA2025-87 and MFSA2025-90.

Who is affected

Mozilla Firefox in versions prior to 145 and Mozilla Thunderbird in versions prior to 145.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mozilla Firefox

    APP
    Mozilla
    < 145.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-9680CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Use-after-free w Animation timelines Firefox/Thunderbird — RCE

CVE-2022-26486CRITICAL9.6⚠ KEVten sam produkt

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escap...

CVE-2019-11708CRITICAL10.0⚠ KEVten sam produkt

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes ...

CVE-2010-3765CRITICAL9.8⚠ KEVten sam produkt

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before...

CVE-2026-14241CRITICAL9.8ten sam produkt

Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we ...