May 10, 2023

Mozilla Patches RCE Vulnerabilities in Firefox & Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox.

An attacker could exploit these vulnerabilities to take control of an affected system.

The RCE Vulnerabilities

• CVE-2023-32215 High severity – Memory corruption vulnerability, successful exploitation of which may allow a malicious actor to remotely run arbitrary code (RCE).
• CVE-2023-32216 High severity – Memory corruption vulnerability, successful exploitation of which may allow a malicious actor to remotely run arbitrary code (RCE).

Affected Products

Firefox 112 and prior versions, Firefox ESR 102.10 and prior versions.

Mitigation

CYREBRO recommends users of these products to update to Firefox 113 and Firefox ESR 102.11 versions.

References: Mozilla Advisory