CVE-2023-29534

9.1 CRITICAL

📋 TL;DR

This vulnerability allows attackers to hide the fullscreen notification in Firefox and Focus for Android, enabling spoofing attacks where malicious websites can impersonate legitimate interfaces. Only affects Firefox for Android and Focus for Android versions before 112.

💻 Affected Systems

Products:
  • Firefox for Android
  • Focus for Android
Versions: < 112
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Android versions of these browsers. Desktop Firefox, iOS versions, and other browsers are unaffected.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could create convincing phishing pages that appear as legitimate apps or system interfaces, potentially stealing credentials or sensitive information.

🟠

Likely Case

Users could be tricked into entering credentials or personal information into malicious websites disguised as legitimate interfaces.

🟢

If Mitigated

With updated browsers, users see proper fullscreen notifications and can identify when websites are attempting to spoof interfaces.

🌐 Internet-Facing: HIGH - This is a client-side vulnerability affecting browsers that access internet content directly.
🏢 Internal Only: LOW - The vulnerability requires user interaction with malicious web content, not internal network access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the user to visit a malicious website but does not require authentication or special permissions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 112

Vendor Advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/

Restart Required: Yes

Instructions:

1. Open Google Play Store
2. Search for Firefox or Firefox Focus
3. Update to version 112 or later
4. Restart the browser

🔧 Temporary Workarounds

Disable JavaScript

Platform: Android

Prevents the techniques used to obscure fullscreen notifications. Caveat: disabling JavaScript also breaks most modern websites, so treat this as a short-term measure until the update is installed.

In Firefox: Settings > Advanced > Enable JavaScript (toggle off)

Use alternative browser

Platform: Android

Temporarily switch to a different browser until Firefox/Focus is updated

🧯 If You Can't Patch

  • Educate users about phishing risks and fullscreen notification behavior
  • Implement web filtering to block known malicious sites

🔍 How to Verify

Check if Vulnerable:

Check browser version in Settings > About Firefox/Focus

Check Version:

Open browser, go to Settings > About Firefox/Focus

Verify Fix Applied:

Confirm version is 112 or higher in Settings > About

📡 Detection & Monitoring

Log Indicators:

  • Unusual fullscreen mode activations
  • User reports of suspicious interface behavior

Network Indicators:

  • Connections to known phishing domains
  • Unusual JavaScript execution patterns

SIEM Query:

Not applicable - client-side browser vulnerability
