Login Sign Up

CVE-2024-1563

8.1 HIGH

📋 TL;DR

This vulnerability in Firefox Focus for iOS allows attackers to execute unauthorized JavaScript on top origin sites by exploiting a race condition when opening external URLs with custom Firefox schemes. It affects users running Firefox Focus for iOS versions below 122. The attack requires user interaction but can lead to script execution in privileged contexts.

💻 Affected Systems

Products:
  • Firefox Focus for iOS
Versions: All versions < 122
Operating Systems: iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Firefox Focus for iOS; standard Firefox for iOS and desktop versions are not affected.

📦 What is this software?

Firefox Focus by Mozilla

View all CVEs affecting Firefox Focus →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could execute arbitrary JavaScript in the context of top origin sites, potentially leading to session hijacking, credential theft, or unauthorized actions on behalf of the user.

🟠

Likely Case

Limited script execution in specific contexts, potentially allowing attackers to read sensitive data or perform actions within the browser's security boundaries.

🟢

If Mitigated

With proper patching, no impact as the race condition is eliminated and URL handling is secured.

🌐 Internet-Facing: MEDIUM - Requires user interaction (clicking malicious link) but can be delivered via web pages, emails, or messages.
🏢 Internal Only: LOW - Primarily an external attack vector requiring user interaction with malicious content.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (clicking a malicious link) and precise timing due to race condition. No public exploit code has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 122

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-09/

Restart Required: Yes

Instructions:

1. Open the App Store on iOS device. 2. Search for Firefox Focus. 3. Tap Update to version 122 or later. 4. Restart the application after update completes.

🔧 Temporary Workarounds

Disable Firefox Focus

ios

Temporarily disable or uninstall Firefox Focus until patched

Long press Firefox Focus app icon > Remove App

Use alternative browser

ios

Switch to standard Firefox for iOS or Safari until Firefox Focus is updated

🧯 If You Can't Patch

  • Educate users to avoid clicking suspicious links while using Firefox Focus
  • Implement network filtering to block known malicious domains that might host exploit code

🔍 How to Verify

Check if Vulnerable:

Open Firefox Focus > Settings > About. Check if version is below 122.

Check Version:

Not applicable for iOS apps; check via app settings

Verify Fix Applied:

After updating, verify version is 122 or higher in Settings > About.

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript execution events in browser logs
  • Multiple rapid URL opening attempts with custom schemes

Network Indicators:

  • Requests to unusual domains following custom scheme URL activations

SIEM Query:

Not typically applicable for mobile browser vulnerabilities on personal devices

📊 Metadata

CVE ID: CVE-2024-1563
CVSS v3 Score: 8.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-367
Published: February 22, 2024
Last Updated: March 27, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-1563, you might also want to check these:

CVE-2026-25641 10.0

CVE-2026-25641 is a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attack...

Same vulnerability type (CWE-367)
CVE-2025-64180 10.0

A critical TOCTOU vulnerability in Manager accounting software allows attackers to bypass DNS valida...

Same vulnerability type (CWE-367)
CVE-2025-13032 9.9

A double fetch vulnerability in the sandbox kernel driver of Avast/AVG Antivirus on Windows allows l...

Same vulnerability type (CWE-367)