Windows Sandbox Escape Vulnerability in Firefox ESR < 68.8 and Firefox < 76

Windows Sandbox Escape Vulnerability in Firefox ESR < 68.8 and Firefox < 76

CVE-2020-12389 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

Learn more about our Cis Benchmark Audit For Operating Systems.