A critical sandbox escape vulnerability in Mozilla Firefox and Thunderbird allows for potential system-level compromise by bypassing security sandboxing.

This vulnerability is caused by incorrect boundary conditions within the WebRTC networking component, allowing an unauthenticated attacker to escape the browser sandbox.

With a CVSS score of 9.6, this vulnerability poses a severe risk to organizational security. Successful exploitation could allow an attacker to execute arbitrary code outside the browser's sandbox, leading to full system compromise, data exfiltration, and lateral movement within the network.

Immediate Action: Upgrade all instances of Firefox, Thunderbird, and Firefox ESR to the versions specified in the vendor advisory immediately.

Proactive Monitoring: Monitor endpoint detection logs for abnormal process execution or unexpected network traffic originating from browser-related processes.

Compensating Controls: Ensure endpoint protection software is updated to detect and block malicious code execution patterns associated with browser-based exploits.

Public Exploit Available: False

The severity of this flaw necessitates immediate patching across all workstation and server environments. Organizations should prioritize updating their browser installations to prevent potential remote code execution and sandbox breakout scenarios.