Login Sign Up

CVE-2025-14861

8.8 HIGH
Remote Code Execution

📋 TL;DR

CVE-2025-14861 is a memory safety vulnerability in Firefox that could allow attackers to execute arbitrary code on affected systems. The vulnerability involves memory corruption bugs that could be exploited to take control of the browser. This affects all Firefox users running versions earlier than 146.0.1.

💻 Affected Systems

Products:
  • Mozilla Firefox
Versions: All versions < 146.0.1
Operating Systems: Windows, Linux, macOS, Android
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Firefox installations are vulnerable. No special configurations required for exploitation.

📦 What is this software?

Firefox by Mozilla

View all CVEs affecting Firefox →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠

Likely Case

Browser compromise allowing session hijacking, credential theft, and installation of malware or backdoors.

🟢

If Mitigated

Limited impact if browser sandboxing works properly, potentially resulting in browser crash rather than full system compromise.

🌐 Internet-Facing: HIGH - Firefox is directly exposed to internet content and malicious websites could trigger the vulnerability.
🏢 Internal Only: MEDIUM - Internal web applications or malicious internal sites could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Memory corruption vulnerabilities typically require sophisticated exploitation techniques, but Firefox's widespread use makes this an attractive target.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 146.0.1

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2025-98/

Restart Required: Yes

Instructions:

1. Open Firefox. 2. Click menu button (three horizontal lines). 3. Select Help > About Firefox. 4. Firefox will automatically check for updates and prompt to install 146.0.1. 5. Restart Firefox when prompted.

🔧 Temporary Workarounds

Disable JavaScript

all

Temporarily disable JavaScript to reduce attack surface while patching

about:config > javascript.enabled = false

Use Content Security Policy

all

Implement strict CSP headers on web servers to limit script execution

Content-Security-Policy: default-src 'self'

🧯 If You Can't Patch

  • Restrict Firefox to only trusted websites using browser extensions or proxy rules
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Firefox version in About Firefox dialog or via about:support page

Check Version:

firefox --version (Linux) or check Help > About Firefox

Verify Fix Applied:

Confirm Firefox version is 146.0.1 or higher in About Firefox

📡 Detection & Monitoring

Log Indicators:

  • Firefox crash reports
  • Unexpected process termination
  • Memory access violation errors

Network Indicators:

  • Unusual outbound connections from Firefox process
  • Suspicious JavaScript payloads in web traffic

SIEM Query:

process_name="firefox.exe" AND (event_id=1000 OR event_id=1001) OR process_crash=true

📊 Metadata

CVE ID: CVE-2025-14861
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-119
EPSS Score: 0.05% exploit probability (15th percentile)
Published: December 18, 2025
Last Updated: December 30, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-14861, you might also want to check these:

CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthen...

Same vulnerability type (CWE-119)
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated...

Same vulnerability type (CWE-119)
CVE-2026-2776 10.0

This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect ...

Same vulnerability type (CWE-119)