CVE-2025-11717

9.1 CRITICAL

📋 TL;DR

This vulnerability in Firefox for Android allowed password-related screens to remain visible in the Android app switcher (card carousel) preview when the user switched between apps, so anyone viewing the recent-apps screen could see password edit screens. Firefox 144 fixed this by preventing password edit screens from appearing in app switcher previews. All versions of Firefox for Android before 144 are affected.

💻 Affected Systems

Products:
  • Firefox for Android
Versions: All versions < 144
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Firefox for Android when using password-related screens and switching apps via Android's card carousel.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could capture sensitive password information from app switcher previews when users switch away from Firefox password screens.

🟠 Likely Case: Local attackers or malicious apps could view password-related screens in the Android app switcher, potentially exposing credential information.

🟢 If Mitigated: With Firefox 144+, password screens are properly obscured in app switcher previews, preventing information disclosure.

🌐 Internet-Facing: LOW - This is a local information disclosure vulnerability requiring physical or app-level access to the device.
🏢 Internal Only: MEDIUM - In shared device environments or with malicious apps installed, sensitive password information could be exposed.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the device or a malicious app that can trigger app switching while password screens are active.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 144

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2025-81/

Restart Required: Yes

Instructions:

1. Open Google Play Store
2. Search for Firefox
3. Update to version 144 or later
4. Restart Firefox after update

🔧 Temporary Workarounds

Avoid password screens in app switcher (Android): Manually close Firefox or switch to the home screen before leaving the device unattended when using password features.

🧯 If You Can't Patch

  • Disable Firefox password manager and use third-party password managers
  • Enable device screen lock and never leave device unattended when using Firefox password features

🔍 How to Verify

Check if Vulnerable:

Check Firefox version in Settings > About Firefox. If version is less than 144, you are vulnerable.

Check Version:

In Firefox: Settings > About Firefox

Verify Fix Applied:

Update to Firefox 144 or later, then open a password screen in Firefox and switch apps; the app switcher preview of the password screen should be blacked out rather than showing its contents.

📡 Detection & Monitoring

Log Indicators:

  • No specific log indicators for this vulnerability

Network Indicators:

  • No network indicators - local vulnerability only

SIEM Query:

Not applicable - local information disclosure vulnerability
