CVE-2025-54143

9.8 CRITICAL

📋 TL;DR

This vulnerability in Firefox for iOS allows sandboxed iframes to bypass download restrictions, enabling malicious websites to download files to devices without user consent. It affects Firefox for iOS versions below 141, putting mobile users at risk of malware installation or data theft.

💻 Affected Systems

Products:
  • Firefox for iOS
Versions: All versions < 141
Operating Systems: iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Firefox browser on iOS devices; other browsers and platforms are not affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could download and execute malware, steal sensitive files, or compromise the entire iOS device through drive-by attacks on malicious websites.

🟠 Likely Case

Malicious websites could download unwanted files, adware, or tracking software to user devices without proper consent or security checks.

🟢 If Mitigated

With proper patching, the sandbox restrictions work as intended, preventing unauthorized downloads from iframes.

🌐 Internet-Facing: HIGH - This vulnerability is exploitable through regular web browsing on any website containing malicious iframes.
🏢 Internal Only: LOW - Requires user interaction with malicious web content, not typically an internal network threat.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires users to visit malicious websites but doesn't require authentication or special permissions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 141

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2025-60/

Restart Required: Yes

Instructions:

1. Open the App Store on iOS.
2. Search for Firefox.
3. Tap 'Update' if available.
4. Alternatively, uninstall and reinstall Firefox to get the latest version.

🔧 Temporary Workarounds

Disable JavaScript in iframes

ios

Configure Firefox to block JavaScript execution in iframes, which may prevent exploitation but breaks many websites.

Use alternative browser

ios

Temporarily switch to Safari or another browser until Firefox is updated.

🧯 If You Can't Patch

  • Avoid visiting untrusted websites and use browser extensions that block malicious content
  • Enable strict content security policies and disable automatic downloads in browser settings

🔍 How to Verify

Check if Vulnerable:

Open Firefox on iOS, go to Settings > About Firefox, check if version is below 141.

Check Version:

Not applicable for iOS GUI app; check via Settings > About Firefox

Verify Fix Applied:

Confirm Firefox version is 141 or higher in Settings > About Firefox.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected file downloads from web sources
  • Iframe-related security violations in browser logs

Network Indicators:

  • Unusual download traffic from web browsing sessions
  • Requests bypassing sandbox policies

SIEM Query:

Not typically applicable for mobile browser vulnerabilities on personal devices
