CVE-2022-22750

Summary

By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.. This vulnerability affects Firefox < 96.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 96affected

Weaknesses

  • IPC passing of resource handles could have lead to sandbox bypass

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References