(praetorian.com) From 500,000 Findings to 14 Critical Endpoints: How Exploit Chain Analysis Exposes Hidden Browser-Based APT Threats
Zero-click Firefox exploit chains targeting Windows endpoints achieve full host compromise via drive-by attacks, with one chain actively weaponized by Russia-aligned APT RomCom (Storm-0978). Traditional CVSS scoring fails to surface these risks—exploit chain analysis cuts 500K findings to 14 critical endpoints.
In brief - Two Firefox exploit chains enable zero-click RCE + sandbox escape, with RomCom actively deploying one in the wild. CVSS-based prioritization misses these attack paths; exploit chain analysis reduces noise 35K:1.
Technically - Chain 1: CVE-2025-4918 (SpiderMonkey OOB R/W, Pwn2Own 2025) + CVE-2025-2857 (IPC handle leak, CVSS 10.0). Chain 2: CVE-2024-9680 (Animation Timeline UAF, CVSS 9.8, RomCom) + CVE-2025-2857 or CVE-2024-49039 (Task Scheduler PE via RPC, CVSS 8.8). Firefox’s lack of V8 heap sandbox reduces required stages. AI-assisted exploit dev compresses TTP timelines.
Source: https://www.praetorian.com/blog/exploit-chain-analysis/
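The chain logic summarized above, as an added example that is not Praetorian's tooling or code from the linked post: given per-host scanner findings, it keeps only hosts where every stage of one of the two listed chains is present. The `(host, CVE)` input format, the host names and the function names are assumptions; the CVE groupings are the ones stated in the post.

```python
from collections import defaultdict

# Chains as listed in the post: one entry (RCE) stage plus any one of the
# listed sandbox-escape / privilege-escalation stages.
CHAINS = {
    "chain-1": ({"CVE-2025-4918"}, {"CVE-2025-2857"}),
    "chain-2": ({"CVE-2024-9680"}, {"CVE-2025-2857", "CVE-2024-49039"}),
}


def complete_chains(findings):
    """Map host -> [(chain, entry_cve, escape_cve)] for hosts with a full chain.

    `findings` is an iterable of (host, cve_id) pairs (assumed export format).
    A host with only one stage of a chain is not reported, whatever its CVSS.
    """
    by_host = defaultdict(set)
    for host, cve in findings:
        by_host[host].add(cve.strip().upper())  # normalize scanner casing

    result = {}
    for host, cves in by_host.items():
        hits = [
            (name, entry_cve, escape_cve)
            for name, (entry, escape) in sorted(CHAINS.items())
            for entry_cve in sorted(entry & cves)
            for escape_cve in sorted(escape & cves)
        ]
        if hits:
            result[host] = hits
    return result


# Constructed sample findings, not real scan data.
SAMPLE_FINDINGS = [
    ("ws-001", "CVE-2025-4918"), ("ws-001", "CVE-2025-2857"),
    ("ws-002", "CVE-2024-9680"),                    # entry stage only
    ("ws-003", "CVE-2024-9680"), ("ws-003", "cve-2024-49039"),
    ("ws-004", "CVE-2025-2857"),                    # CVSS 10.0, but no entry stage
    ("srv-010", "CVE-2024-49039"),                  # escalation stage only
]

if __name__ == "__main__":
    for host, hits in sorted(complete_chains(SAMPLE_FINDINGS).items()):
        for chain, entry_cve, escape_cve in hits:
            print(f"{host}: {chain} complete ({entry_cve} -> {escape_cve})")
```

In the sample, `ws-004` carries the CVSS 10.0 finding but is not flagged because no entry stage is present on that host, which is the difference between score-based and chain-based prioritization that the post describes.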