CVE-2025-11721 – A memory safety vulnerability in Firefox and Th... (How to Fix)

Q: How do I fix CVE-2025-11721?

1. Open Firefox/Thunderbird. 2. Click menu → Help → About Firefox/Thunderbird. 3. Allow automatic update to version 144. 4. Restart the application when prompted.

Q: What is the severity of CVE-2025-11721?

CVE-2025-11721 has a CVSS score of 9.8 (CRITICAL). A memory safety vulnerability in Firefox and Thunderbird versions before 144 allows memory corruption that could potentially be exploited to execute arbitrary code. This affects all users running Firefox < 144 or Thunderbird < 143. The high CVSS score indicates critical severity requiring immediate attention.

📋 TL;DR

A memory safety vulnerability in Firefox and Thunderbird versions before 144 allows memory corruption that could potentially be exploited to execute arbitrary code. This affects all users running Firefox < 144 or Thunderbird < 143. The high CVSS score indicates critical severity requiring immediate attention.

💻 Affected Systems

Products:

Mozilla Firefox
Mozilla Thunderbird

Versions: Firefox < 144, Thunderbird < 144

Operating Systems: Windows, macOS, Linux, Android, iOS

Default Config Vulnerable: ⚠️ Yes

Notes: All standard installations are vulnerable; no special configuration required for exploitation.

📦 What is this software?

Firefox by Mozilla

View all CVEs affecting Firefox →

Thunderbird by Mozilla

View all CVEs affecting Thunderbird →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Browser/email client crash or instability, with potential for limited code execution in user context.

🟢

If Mitigated

No impact if patched; limited impact if sandboxing and other browser security features contain the exploit.

🌐 Internet-Facing: HIGH - Web browsers and email clients are directly exposed to internet content.

🏢 Internal Only: MEDIUM - Internal web applications and email could still trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: HIGH

Memory corruption bugs require significant effort to weaponize, but Firefox's widespread use makes this an attractive target.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 144, Thunderbird 144

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2025-81/

Restart Required: Yes

Instructions:

1. Open Firefox/Thunderbird. 2. Click menu → Help → About Firefox/Thunderbird. 3. Allow automatic update to version 144. 4. Restart the application when prompted.

🔧 Temporary Workarounds

Disable JavaScript

all

Temporarily disable JavaScript to reduce attack surface while patching.

about:config → javascript.enabled = false

Use alternative browser

all

Switch to updated alternative browser until Firefox/Thunderbird can be patched.

🧯 If You Can't Patch

Network segmentation to restrict browser traffic to trusted sources only
Implement application whitelisting to prevent execution of unknown processes

🔍 How to Verify

Check if Vulnerable:

Check version in Firefox: about:support → Application Basics → Version. Thunderbird: Help → About Thunderbird.

Check Version:

firefox --version (Linux) or check About dialog on Windows/macOS

Verify Fix Applied:

Confirm version is 144 or higher in about:support or About Thunderbird dialog.

📡 Detection & Monitoring

Log Indicators:

Application crashes with memory access violations
Unexpected child process creation from browser

Network Indicators:

Unusual outbound connections from browser process
Traffic to known exploit hosting domains

SIEM Query:

process_name="firefox.exe" AND (event_id=1000 OR event_id=1001) OR process_name="thunderbird.exe" AND parent_process!="explorer.exe"

📊 Metadata

CVE ID: CVE-2025-11721

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

EPSS Score: 0.08% exploit probability (22.8th percentile)

Published: October 14, 2025

Last Updated: October 15, 2025

🔗 References

https://bugzilla.mozilla.org/show_bug.cgi?id=1986816 Issue Tracking,Permissions Required
https://www.mozilla.org/security/advisories/mfsa2025-81/ Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-84/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-11721, you might also want to check these: