CVE-2025-8044
Published: 22 July 2025
Summary
CVE-2025-8044 is a critical-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Mozilla Firefox. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Drive-by Compromise (T1189); ranked at the 30.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-2 requires timely remediation of flaws like this memory safety bug by applying patches released in Firefox 141 and Thunderbird 141.
SI-16 enforces memory protection mechanisms such as ASLR and DEP that directly mitigate exploitation of memory corruption bugs leading to arbitrary code execution.
SI-5 ensures organizations receive and act on Mozilla security advisories (MFSA 2025-56/61) detailing the vulnerability and required updates.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Memory corruption RCE in browser directly enables drive-by compromise and client-side exploitation for code execution.
NVD Description
Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was…
more
fixed in Firefox 141 and Thunderbird 141.
Deeper analysisAI
CVE-2025-8044 is a set of memory safety bugs (CWE-119) affecting Firefox 140 and Thunderbird 140, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). These bugs involve improper restriction of operations within memory bounds, and some showed evidence of memory corruption. Mozilla presumes that, with sufficient effort, they could enable arbitrary code execution. The vulnerability was addressed in Firefox 141 and Thunderbird 141.
Attackers can exploit this vulnerability remotely over the network with low complexity, requiring no privileges, authentication, or user interaction. Successful exploitation could result in high-impact compromise of confidentiality, integrity, and availability, potentially allowing arbitrary code execution on affected systems.
Mozilla's security advisories (MFSA 2025-56 and MFSA 2025-61) detail the fixes implemented in Firefox 141 and Thunderbird 141. Security practitioners should prioritize updating to these versions, as referenced in the associated Bugzilla entries for bugs 1933572 and 1971116.
Details
- CWE(s)