Insufficient UI Warning of Dangerous Operations in Firefox for iOS - CVE-2023-37455

 


Published: July 11, 2023


Vulnerability identifier: #VU78058
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-37455
CWE-ID: CWE-357
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Firefox for iOS
Software vendor: Mozilla

Description

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists because the media permission request prompt from a site in a background tab is overlaid on top of the site in the foreground tab. A remote attacker can use this to perform a spoofing attack.


Remediation

Install updates from the vendor's website.
