Address Bar Spoofing Vulnerability in Firefox for Android by Mozilla
CVE-2025-0246

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 7 January 2025

Summary

A serious vulnerability exists in Firefox for Android that allows attackers to spoof the address bar when using an invalid protocol scheme. This could mislead users into believing they are interacting with a legitimate website, potentially leading to phishing attacks or information theft. It is crucial for users operating on Android systems to update to the latest Firefox version to prevent exploitation of this flaw.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1912709

https://www.mozilla.org/security/advisories/mfsa2025-01/

Timeline

Vulnerability published
Jan 7, 2025