CVE-2025-13020 is a use-after-free vulnerability classified under CWE-416, found in the WebRTC Audio/Video component of Mozilla Firefox prior to version 145 and Firefox ESR prior to 140.5. Use-after-free vulnerabilities occur when a program continues to use memory after it has been freed, leading to undefined behavior, including potential arbitrary code execution. WebRTC is a real-time communication protocol embedded in Firefox, enabling audio and video streaming directly in the browser. An attacker can exploit this vulnerability by crafting malicious web content that triggers the use-after-free condition when a user interacts with it, such as visiting a malicious website or receiving malicious WebRTC streams. The CVSS 3.1 base score of 8.8 reflects the vulnerability's high impact on confidentiality, integrity, and availability, with an attack vector of network (remote), low attack complexity, no privileges required, but requiring user interaction. Successful exploitation could allow remote code execution, enabling attackers to take control of the victim's system, steal sensitive data, or disrupt services. No patches or exploits are currently publicly available, but the vulnerability is published and should be addressed promptly. The vulnerability affects all Firefox users on versions below 145 and ESR below 140.5, which are common in many enterprise and government environments. Given the widespread use of Firefox in Europe and the critical nature of WebRTC in modern communications, this vulnerability represents a significant threat vector.

For European organizations, this vulnerability poses a serious risk due to the widespread adoption of Firefox as a primary web browser in both public and private sectors. Exploitation could lead to remote code execution, allowing attackers to compromise sensitive information, disrupt business operations, or establish persistent footholds within networks. Sectors such as finance, government, healthcare, and telecommunications, which often rely on secure real-time communications via WebRTC, are particularly vulnerable. The compromise of confidentiality could result in data breaches involving personal and corporate data, while integrity and availability impacts could disrupt critical services. The requirement for user interaction means phishing or social engineering could be used to trigger exploitation, increasing the risk in environments with less user awareness or training. The absence of known exploits in the wild currently provides a window for proactive defense, but the high CVSS score and potential impact necessitate urgent mitigation efforts.

Organizations should immediately plan to upgrade all Firefox installations to version 145 or later, and Firefox ESR to 140.5 or later, as soon as patches become available. Until patches are deployed, consider disabling or restricting WebRTC functionality via browser configurations or group policies to reduce attack surface, especially in high-risk environments. Employ network-level controls such as WebRTC filtering or blocking on firewalls and proxies to limit exposure to malicious WebRTC traffic. Enhance user awareness training to recognize and avoid suspicious links or websites that could trigger exploitation. Monitor network and endpoint logs for unusual activity related to Firefox processes or WebRTC communications. Implement application allowlisting and endpoint detection and response (EDR) solutions to detect and prevent exploitation attempts. Maintain up-to-date backups and incident response plans to quickly recover from potential compromises. Coordinate with IT and security teams to prioritize this vulnerability in patch management cycles and vulnerability scanning.