Login Sign Up

CVE-2024-8897

6.1 MEDIUM

📋 TL;DR

This vulnerability allows attackers to spoof the address bar in Firefox for Android by exploiting an open redirect on a trusted site. When users are redirected to a malicious site, it appears to have the trusted site's URL, enabling phishing attacks. Only Firefox for Android versions below 130.0.1 are affected.

💻 Affected Systems

Products:
  • Firefox for Android
Versions: All versions < 130.0.1
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Firefox for Android. Desktop Firefox, iOS Firefox, and other browsers are not affected.

📦 What is this software?

Firefox by Mozilla

View all CVEs affecting Firefox →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Users could be tricked into entering sensitive credentials or financial information on a malicious site that appears to be a legitimate trusted site, leading to account compromise or financial loss.

🟠

Likely Case

Phishing attacks where users are redirected from legitimate sites to malicious ones that appear legitimate, potentially harvesting login credentials or personal information.

🟢

If Mitigated

With proper user awareness training and multi-factor authentication, the impact is reduced to potential exposure of non-critical information or temporary inconvenience.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires an existing open redirect vulnerability on a trusted website that users visit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 130.0.1

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-45/

Restart Required: Yes

Instructions:

1. Open Google Play Store on Android device. 2. Search for Firefox. 3. If update is available, tap Update. 4. Restart Firefox after update completes.

🔧 Temporary Workarounds

Disable Firefox for Android

android

Temporarily use alternative browsers until Firefox is updated.

Avoid clicking redirect links

all

Educate users to manually type URLs instead of clicking redirect links.

🧯 If You Can't Patch

  • Use alternative browsers like Chrome or Edge on Android devices.
  • Implement web filtering to block known malicious sites and open redirect endpoints.

🔍 How to Verify

Check if Vulnerable:

Open Firefox for Android, go to Settings > About Firefox. Check if version is below 130.0.1.

Check Version:

Not applicable for mobile - use app settings menu.

Verify Fix Applied:

After updating, verify version is 130.0.1 or higher in Settings > About Firefox.

📡 Detection & Monitoring

Log Indicators:

  • Unusual redirect patterns in web server logs
  • Multiple failed authentication attempts from same IP after redirects

Network Indicators:

  • HTTP 302 redirects from trusted domains to unfamiliar domains
  • SSL certificate mismatches for domains appearing as trusted sites

SIEM Query:

Not specifically applicable - focus on endpoint detection of vulnerable Firefox versions.

📊 Metadata

CVE ID: CVE-2024-8897
CVSS v3 Score: 6.1 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE: CWE-601
Published: September 17, 2024
Last Updated: March 19, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-8897, you might also want to check these:

CVE-2025-43526 9.8

A URL validation vulnerability in macOS and Safari allows web content opened via file URLs to bypass...

Same vulnerability type (CWE-601)
CVE-2025-55031 9.8

This vulnerability in Firefox and Focus for iOS allows malicious web pages to trigger hybrid passkey...

Same vulnerability type (CWE-601)
CVE-2024-22891 9.8

CVE-2024-22891 is a critical remote code execution vulnerability in Nteract v0.28.0 that allows atta...

Same vulnerability type (CWE-601)