You are right that Tails only enforces conection over Tor circuit. Even if there's a malware running with application privileges, its traffic has to be routed through Tor. User-level applications cannot enforce their own network configuration in Tails. As facebook refused to disclose the vulnerability, this is what might have happenned.
- Media file carries the payload.
a zero-day exploit in Tails: a bug in its video player
On running the media file, payload exploited a vulnerability in media player to execute arbitrary code inside a payload. Atleast a vulnerability in media player is confirmed by facebook.
That arbitrary code exploited a second vulnerability to gain privilege escalation.
Now the payload has privileges of a system, it patched the system to bypass Tor circuit.
Malware was able to connect with FBI controlled server directly.
It's likely a chain of vulnerability with privilege escalation attack. Given the cost of this exploit is in 6 figures and facebook non-compliance with vulnerability disclosure, it's safe to assume that critical zero day exploit was involved.
Sources told Vice that since an upcoming Tails update was slated to strip the vulnerable code, Facebook didn’t bother to do so.
It is still not clear from this context where the vulnerability resides apart from the one which was in media player as compromising an application in Tails doesn't give you privilege of bypassing Tor circuit. We still have to wait for official response from maintainers of Tail. No CVE has been assigned as of now.