CVE-2022-22736

Summary

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.<br>This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.. This vulnerability affects Firefox < 96.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 96affected

Weaknesses

  • Potential local privilege escalation when loading modules from the install directory.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References