CVE-2023-29534

CVSS 9.1 CRITICALEPSS 0.7%

Vexday Risk Score

28Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 9.1EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

19 jun 2023Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Productos afectados

Mozilla · Firefox for Android Mozilla · Focus for Android

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1816007 https://bugzilla.mozilla.org/show_bug.cgi?id=1816059 https://bugzilla.mozilla.org/show_bug.cgi?id=1821155 https://bugzilla.mozilla.org/show_bug.cgi?id=1821576 https://bugzilla.mozilla.org/show_bug.cgi?id=1821906 https://bugzilla.mozilla.org/show_bug.cgi?id=1822298 https://bugzilla.mozilla.org/show_bug.cgi?id=1822305 https://www.mozilla.org/security/advisories/mfsa2023-13/