Mozilla Firefox and Thunderbird users are facing a series of high-severity vulnerabilities that could leave systems open to exploitation. The Indian Computer Emergency Response Team (CERT-In) issued an advisory on January 20, 2025, highlighting multiple security flaws in Mozilla’s popular browser and email client.
These Mozilla vulnerabilities, which affect both desktop and mobile versions, could lead to arbitrary code execution, system instability, and privilege escalation. Mozilla has already released patches to address these issues, and users are urged to update their software immediately.
Mozilla Vulnerabilities Target Unsuspecting Victims
The vulnerabilities in Mozilla products affect various versions of Firefox and Thunderbird, including both standard and Extended Support Release (ESR) versions. Specifically, the flaws impact the following:
- Mozilla Firefox versions prior to 134
- Mozilla Firefox ESR versions prior to 128.6 and 115.19
- Mozilla Thunderbird versions prior to 134
- Mozilla Thunderbird ESR versions prior to 128.6 and 115.19
These vulnerabilities are critical, as they present a serious risk to both individual users and enterprises that rely on Mozilla’s software for everyday browsing and communication. Without patching, attackers could exploit these vulnerabilities to gain unauthorized access, execute arbitrary code, or cause significant system disruptions.
Overview of Mozilla Vulnerabilities
A range of vulnerabilities has been identified across Mozilla Firefox and Thunderbird, potentially allowing remote attackers to perform malicious actions such as code execution, denial of service (DoS) attacks, or bypass security restrictions. These vulnerabilities stem from weaknesses in core components of the software, including the WebChannel API and memory safety protocols. The issues identified are significant because they can be exploited without direct interaction from the attacker, making them even more dangerous.
Key Vulnerabilities and Their Impact
Some of the most critical vulnerabilities found in Mozilla Firefox and Thunderbird include the following:
- CVE-2025-0244: CVE-2025-0244 is a high-impact vulnerability in Firefox for Android that allows attackers to spoof the address bar, misleading users into believing they were visiting a legitimate website. This flaw significantly increased the risk of phishing attacks and other malicious activities, potentially compromising user security.
- CVE-2025-0245: CVE-2025-0245 is a moderate-impact vulnerability in Firefox Focus for Android. This flaw allows attackers to bypass the lock screen settings, which are meant to secure the app. As a result, unauthorized individuals could gain access to the application, potentially compromising user privacy and security.
- CVE-2025-0237: CVE-2025-0237 is a moderate-impact vulnerability in the WebChannel API, which is used for inter-process communication in both Firefox and Thunderbird. The issue arises because the WebChannel API failed to properly validate the sender’s principle, enabling attackers to escalate their privileges and gain unauthorized access to the affected system.
- CVE-2025-0239: CVE-2025-0239 is a moderate-impact vulnerability caused by a flaw in the handling of JavaScript text segmentation. This issue could lead to memory corruption, potentially resulting in system crashes or allowing remote code execution, thereby compromising the security of the affected system.
- CVE-2025-0242: CVE-2025-0242 highlights several memory safety bugs found in both Firefox and Thunderbird, which pose a high security risk. If exploited, these vulnerabilities could enable remote attackers to execute arbitrary code, potentially compromising the affected system’s security and integrity.
Mozilla’s Response and Patches
In response to these vulnerabilities, Mozilla has issued security patches for the following versions:
- Mozilla Firefox 134
- Mozilla Thunderbird 134
- Firefox ESR 115.19 and 128.6
- Thunderbird ESR 115.19 and 128.6
Users are strongly encouraged to update to these versions as soon as possible. These patches address the critical issues and provide improved system stability.
Conclusion
The vulnerabilities in Mozilla Firefox and Thunderbird highlight the need for quick action to protect systems. Users should update to the latest versions, monitor for suspicious activity, and enable security features like multifactor authentication. Applying patches and following best practices can reduce exposure to these risks. For businesses, advanced threat detection tools like Cyble’s can further enhance security.
