CVE-2025-55031

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Firefox for iOS < 142 and Focus for iOS < 142.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1979499	Issue Tracking Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1979804	Issue Tracking Permissions Required
https://www.mozilla.org/security/advisories/mfsa2025-68/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2025-69/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:firefox::::::iphone_os::*
	cpe:2.3:a:mozilla:firefox_focus::::::iphone_os::*

History

No history.

Information

Published : 2025-08-19 21:15

Updated : 2025-08-21 18:38

NVD link : CVE-2025-55031

Mitre link : CVE-2025-55031

CVE.ORG link : CVE-2025-55031

JSON object : View

Products Affected

mozilla

firefox_focus
firefox

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2025-55031", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-08-19T21:15:28.340", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979499", "tags": ["Issue Tracking", "Permissions Required"], "source": "[email protected]"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979804", "tags": ["Issue Tracking", "Permissions Required"], "source": "[email protected]"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-68/", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-69/", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Firefox for iOS < 142 and Focus for iOS < 142."}, {"lang": "es", "value": "Las p\u00e1ginas maliciosas podr\u00edan usar Firefox para iOS para transferir enlaces FIDO al sistema operativo y activar el transporte de claves de acceso h\u00edbridas. Un atacante dentro del alcance de Bluetooth podr\u00eda haber usado esto para enga\u00f1ar al usuario y que usara su clave de acceso para iniciar sesi\u00f3n en la cuenta objetivo. Esta vulnerabilidad afecta a Firefox para iOS (versi\u00f3n anterior a la 142) y Focus (versi\u00f3n anterior a la 142)."}], "lastModified": "2025-08-21T18:38:56.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "7EE372C2-99CB-45F5-9F6B-0862D02C6374", "versionEndExcluding": "142.0"}, {"criteria": "cpe:2.3:a:mozilla:firefox_focus:*:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "667BB2C7-17E5-4D04-AA9A-1CBE726492AF", "versionEndExcluding": "142.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}