Mozilla has patched a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows, with no evidence of active exploitation.

Only a few days after Google patched a similar vulnerability in Chrome that was actively exploited as a zero-day, Mozilla has published fixes to fix a serious security weakness affecting its Firefox browser for Windows.

According to descriptions, the security flaw CVE-2025-2857 is an instance of an improper handle that could result in a sandbox escape.

“Following the recent Chrome , Mozilla sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC [inter-process communication] code,” an alert from Mozilla stated.

“A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape.”

In Firefox 136.0.4, Firefox ESR 115.21.1, and Firefox ESR 128.8.1, the flaw that impacts both Firefox and Firefox ESR has been fixed. CVE-2025-2857 has not been exploited in the wild, according to any evidence.

To address CVE-2025-2783, which has been used in the wild as part of attacks on Russian government agencies, media outlets, and educational institutions, Google published Chrome version 134.0.6998.177/.178 for Windows.

The infection happened when unidentified victims clicked on a specifically constructed link in phishing emails and used Chrome to access the attacker-controlled website, according to Kaspersky, which discovered the activity in mid-March 2025.

According to reports, CVE-2025-2783 was linked to another unidentified browser exploit to bypass the sandbox’s restrictions and accomplish remote code execution. Nevertheless, fixing the flaw successfully stops the whole assault chain.

Since then, the vulnerability has been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) database, and federal agencies are required to implement the required mitigations by April 17, 2025.

To protect themselves from potential threats, users are advised to update their browser instances to the most recent versions.