Mozilla Patches RCE Vulnerabilities in Firefox & Firefox ESR
May 10, 2023
Mozilla Patches RCE Vulnerabilities in Firefox & Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox.
An attacker could exploit these vulnerabilities to take control of an affected system.
The RCE Vulnerabilities
- CVE-2023-32215 High severity – Memory corruption vulnerability, successful exploitation of which may allow a malicious actor to remotely run arbitrary code (RCE).
- CVE-2023-32216 High severity – Memory corruption vulnerability, successful exploitation of which may allow a malicious actor to remotely run arbitrary code (RCE).
Affected Products
Firefox 112 and prior versions, Firefox ESR 102.10 and prior versions.
Mitigation
CYREBRO recommends users of these products to update to Firefox 113 and Firefox ESR 102.11 versions.
References: Mozilla Advisory