Qatar’s Cybersecurity Agency Raises Alarm on Mozilla’s RCE Vulnerabilities

September 19, 2023

Qatar's National Cyber Security Agency has sounded the alarm for users of Adobe products to promptly apply patches due to the revelation of vulnerabilities in Mozilla's Firefox and Thunderbird. Curiously, the agency failed to mention other browsers that are equally affected.

The vulnerability in question, logged as CVE-2023-4863 with a CVSS score of 8.8, is a severe heap buffer overflow in the WebP library that permits remote code execution. This issue impacts three versions of Firefox and two versions of Thunderbird. Other browsers that support this library, including Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari, are also susceptible. Google cautioned last week that the bug had been exploited in the wild as a zero day before the patch was released.

The WebP library is used by webmasters and Web developers to create smaller, richer images to enhance the user's Web experience. In a tweet, the Qatari agency advised Mozilla browser users to update, but did not mention the other affected platforms. This is surprising given that Firefox holds less than 1% of the browser market share in Qatar, while Chrome is used by approximately 70% of users in the country. This could imply that active attacks specifically targeting Mozilla have been observed in the wild in the region, but the agency did not immediately respond to a request for confirmation.

"Mozilla's advisory notes that exploitation in other software has been observed, but the advisory did not indicate that there had been successful attacks utilizing Firefox or Thunderbird," says Scott Caveza, a staff research engineer at Tenable. Caveza verifies that both Apple and Google have reported that exploitation in the wild has been observed. In Apple's case, the vulnerability has reportedly been leveraged by the NSO Group.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.