Qatar’s Cybersecurity Agency Raises Alarm on Mozilla’s RCE Vulnerabilities
September 19, 2023
Qatar's National Cyber Security Agency has sounded the alarm for users of Adobe products to promptly apply patches due to the revelation of vulnerabilities in Mozilla's Firefox and Thunderbird. Curiously, the agency failed to mention other browsers that are equally affected.
The vulnerability in question, logged as CVE-2023-4863 with a CVSS score of 8.8, is a severe heap buffer overflow in the WebP library that permits remote code execution. This issue impacts three versions of Firefox and two versions of Thunderbird. Other browsers that support this library, including Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari, are also susceptible. Google cautioned last week that the bug had been exploited in the wild as a zero day before the patch was released.
The WebP library is used by webmasters and Web developers to create smaller, richer images to enhance the user's Web experience. In a tweet, the Qatari agency advised Mozilla browser users to update, but did not mention the other affected platforms. This is surprising given that Firefox holds less than 1% of the browser market share in Qatar, while Chrome is used by approximately 70% of users in the country. This could imply that active attacks specifically targeting Mozilla have been observed in the wild in the region, but the agency did not immediately respond to a request for confirmation.
"Mozilla's advisory notes that exploitation in other software has been observed, but the advisory did not indicate that there had been successful attacks utilizing Firefox or Thunderbird," says Scott Caveza, a staff research engineer at Tenable. Caveza verifies that both Apple and Google have reported that exploitation in the wild has been observed. In Apple's case, the vulnerability has reportedly been leveraged by the NSO Group.
Related News
- Mozilla Fixes Critical Zero-Day Vulnerability in Firefox and Thunderbird
- Google Addresses Critical Chrome Zero-Day Vulnerability Reported by Apple and Spyware Researchers
Latest News
- GitLab Issues Critical Security Updates for Pipeline Vulnerability
- Trend Micro Fixes Zero-Day Vulnerability Under Attack in Endpoint Security Products
- Earth Lusca's Advanced SprySOCKS Linux Backdoor Targets Global Government Entities
- Payment Card-Skimming Campaign Expands to North America
- Critical Remote Code Execution Flaw Discovered in Thousands of Juniper Devices
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.