CVE-2025-14329

8.8 HIGH

📋 TL;DR

This CVE describes a privilege escalation vulnerability in the Netmonitor component of Mozilla products. Attackers could exploit this to gain elevated privileges on affected systems. It affects Firefox, Firefox ESR, and Thunderbird users running outdated versions.

💻 Affected Systems

Products:
  • Firefox
  • Firefox ESR
  • Thunderbird
Versions: Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, Thunderbird < 140.6
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable. The Netmonitor component is enabled by default in these products.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining administrative privileges, potentially leading to data theft, malware installation, or complete system control.

🟠 Likely Case

Local privilege escalation allowing attackers to bypass security restrictions, access sensitive data, or execute arbitrary code with higher privileges.

🟢 If Mitigated

Limited impact with proper patch management and security controls in place, potentially only affecting isolated user sessions.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation likely requires local access or ability to execute code in the browser context. No public exploit code has been identified at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 146+, Firefox ESR 140.6+, Thunderbird 146+, Thunderbird 140.6+

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2025-92/

Restart Required: Yes

Instructions:

1. Open Firefox/Thunderbird.
2. Click menu → Help → About Firefox/Thunderbird.
3. Allow the automatic update to complete.
4. Restart the application when prompted.

🔧 Temporary Workarounds

Disable Netmonitor (applies to: all platforms)

Temporarily disable the Netmonitor component to reduce attack surface:

about:config → Set 'devtools.netmonitor.enabled' to false

🧯 If You Can't Patch

  • Restrict user privileges to limit impact of privilege escalation
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check application version in About dialog and compare against affected versions

Check Version:

firefox --version or thunderbird --version

Verify Fix Applied:

Verify version is Firefox ≥146, Firefox ESR ≥140.6, Thunderbird ≥146, or Thunderbird ≥140.6
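The version check above, as an added example (not part of the original card): it parses the output of firefox --version / thunderbird --version and compares it against the fixed versions listed here. The "esr" suffix on Firefox ESR builds is real; treating Thunderbird's 140.x line as the branch fixed in 140.6 is an assumption drawn from the card listing both "< 146" and "< 140.6" for Thunderbird.

```python
import re
import subprocess
from typing import Optional, Tuple

# Fixed versions from the advisory card: mainline builds fixed in 146,
# ESR / 140-branch builds fixed in 140.6.
FIXED_MAINLINE = (146, 0, 0)
FIXED_ESR = (140, 6, 0)

# Matches e.g. "Mozilla Firefox 140.5.0esr", "Mozilla Thunderbird 146.0"
_VERSION_RE = re.compile(
    r"Mozilla (Firefox|Thunderbird) (\d+)\.(\d+)(?:\.(\d+))?(esr)?", re.IGNORECASE
)


def parse_version(output: str) -> Optional[Tuple[str, Tuple[int, int, int], bool]]:
    """Parse `--version` output into (product, (major, minor, patch), is_esr_branch).

    Returns None when the string is not recognised, so callers can tell
    "unknown binary" apart from "patched".
    """
    m = _VERSION_RE.search(output)
    if not m:
        return None
    product = m.group(1).capitalize()
    major, minor = int(m.group(2)), int(m.group(3))
    patch = int(m.group(4)) if m.group(4) else 0
    # Firefox ESR prints an "esr" suffix. Thunderbird does not, so its 140.x
    # line is treated as the ESR-style branch (assumption, see lead-in).
    is_esr = bool(m.group(5)) or (product == "Thunderbird" and major == 140)
    return product, (major, minor, patch), is_esr


def is_vulnerable(output: str) -> Optional[bool]:
    """True if the parsed version is below the fix for its branch, None if unparseable."""
    parsed = parse_version(output)
    if parsed is None:
        return None
    _, version, is_esr = parsed
    fixed = FIXED_ESR if is_esr else FIXED_MAINLINE
    return version < fixed


def check_installed(binary: str = "firefox") -> Optional[bool]:
    """Run the installed binary with --version (as the card suggests) and classify it."""
    try:
        proc = subprocess.run([binary, "--version"], capture_output=True, text=True, timeout=10)
    except (OSError, subprocess.TimeoutExpired):
        return None
    return is_vulnerable(proc.stdout)
```

Run check_installed("thunderbird") for the mail client; a None result means the binary was not found or its output was not recognised, not that it is patched.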

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • Suspicious Netmonitor component activity

Network Indicators:

  • Unexpected outbound connections from browser processes

SIEM Query:

(source="firefox.log" OR source="thunderbird.log") AND (event="privilege_escalation" OR event="netmonitor_abuse")
