CVE-2025-2857 PoC — Incorrect handle could lead to sandbox escapes

Source
Associated Vulnerability
Title: Incorrect handle could lead to sandbox escapes (CVE-2025-2857)
Description: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.
Description
A Firefox and Tor Browser compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape
Readme
# CVE-2025-2857
A Firefox and Tor Browser compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape
> Run as root

# Install

```
sudo apt update
sudo apt install git
git clone https://github.com/ubisoftinc/CVE-2025-2857.git
cd CVE-2025-2857
chmod +x CVE-2025-2857
chmod +x install.sh
sudo bash install.sh
```

# Usage
```
./CVE-2025-2857 -o webpage/
```
File Snapshot

```
[4.0K] /data/pocs/e3b93aab07917ce2481a14d770864c3b11c0f24e
├── [2.0M] CVE-2025-2857
├── [1.6K] install.sh
└── [ 428] README.md

0 directories, 3 files
```