CVE-2024-11702

7.5 HIGH

📋 TL;DR

This vulnerability in Firefox and Thunderbird on Android allows sensitive data copied from Private Browsing tabs (like passwords) to be unintentionally stored in cloud-based clipboard history if that feature is enabled. It affects users of Firefox < 133 and Thunderbird < 133 on Android devices with cloud clipboard enabled. The issue stems from improper handling of private browsing data.

💻 Affected Systems

Products:
  • Firefox for Android
  • Thunderbird for Android
Versions: < 133
Operating Systems: Android
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when cloud-based clipboard history feature is enabled. Private Browsing mode must be used and sensitive data copied from it.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sensitive information like passwords, credit card numbers, or personal data copied during private browsing sessions could be stored in cloud clipboard services, potentially accessible to attackers with access to the cloud account or through clipboard monitoring malware.

🟠 Likely Case

Users who copy passwords or other sensitive data in private browsing tabs may have that data stored in their cloud clipboard history, making it potentially visible to anyone with access to their cloud account or clipboard sync services.

🟢 If Mitigated

If cloud clipboard is disabled or users avoid copying sensitive data in private browsing mode, the risk is eliminated.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction (copying data in Private Browsing) and an enabled cloud clipboard. No remote exploitation is possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 133, Thunderbird 133

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-63/

Restart Required: Yes

Instructions:

1. Open Google Play Store.
2. Search for Firefox or Thunderbird.
3. Update to version 133 or higher.
4. Restart the application after update.

🔧 Temporary Workarounds

Disable Cloud Clipboard

android

Turn off cloud-based clipboard history to prevent any data from being stored in cloud services.

Avoid Copying Sensitive Data in Private Browsing

all

Do not copy passwords or other sensitive information while using Private Browsing tabs.

🧯 If You Can't Patch

  • Disable cloud clipboard sync in Android settings
  • Use alternative browsers without cloud clipboard features for sensitive activities

🔍 How to Verify

Check if Vulnerable:

Check the Firefox/Thunderbird version in app settings. If the version is below 133 and cloud clipboard is enabled, you are vulnerable.

Check Version:

In Firefox/Thunderbird: Settings → About Firefox/Thunderbird

Verify Fix Applied:

Update to version 133 or higher and verify the version in app settings.

📡 Detection & Monitoring

Log Indicators:

  • No specific log indicators for this client-side vulnerability

Network Indicators:

  • No network-based detection possible

SIEM Query:

Not applicable for client-side Android application vulnerability
