#VU45686 Arbitrary file upload - CVE-2020-15649

Cybersecurity Help s.r.o.

Published: 2020-08-10 | Updated: 2020-08-13

Vulnerability identifier: #VU45686

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-15649

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.

Mitigation
Install update from vendor's website.

External links
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1475835%2C1652364
https://www.mozilla.org/security/advisories/mfsa2020-31/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Arbitrary file upload in mozjs68 (Alpine package)

Arbitrary file upload in firefox-esr (Alpine package)