Cyber Resilience

CVE-2020-6819

High · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 24 April 2020

Modified: 04 November 2025
KEV Added: 03 November 2021
CVSS Score v3.1: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0036 (58.8th percentile)
Risk Priority: 36 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2020-6819 is a high-severity Race Condition (CWE-362) vulnerability in Mozilla Firefox. Its CVSS base score is 8.1 (High).

Operationally, it ranks in the top 41.2% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2020-6819 is a use-after-free vulnerability resulting from a race condition during execution of the nsDocShell destructor. It affects Mozilla Firefox versions prior to 74.0.1, Firefox ESR versions prior to 68.6.1, and Thunderbird versions prior to 68.7.0, and is tracked under CWEs 362 and 416.

An unauthenticated remote attacker can trigger the flaw over the network with no user interaction required, although exploitation complexity is rated high. Successful abuse grants the attacker control over memory contents, enabling impacts to confidentiality, integrity, and availability.

Mozilla security advisories MFSA2020-11 and MFSA2020-14, along with corresponding Ubuntu updates, direct users to apply the fixed releases (Firefox 74.0.1, ESR 68.6.1, Thunderbird 68.7.0) as the primary mitigation.

Targeted attacks abusing this issue have been observed in the wild.

Vulnerability details

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

CWE(s): CWE-362, CWE-416
KEV Date Added: 03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

mozilla firefox: ≤ 68.6.1 · ≤ 74.0.1
mozilla thunderbird: ≤ 68.7.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely application of security-relevant patches to eliminate the use-after-free flaw, matching the vendor advisory to upgrade Firefox/Thunderbird to the fixed releases.

prevent

Explicitly calls for memory-protection techniques that block use-after-free exploitation during nsDocShell destructor race conditions.

prevent

Enforces separate execution domains that limit the blast radius of memory corruption arising from the race condition in the browser process.
