CVE-2025-8041

5.3 MEDIUM

📋 TL;DR

Firefox for Android displayed URLs incorrectly by truncating from the end instead of showing the origin first, potentially hiding malicious domains. This affects Firefox for Android versions before 141. Users could be tricked into visiting phishing sites due to misleading URL display.

💻 Affected Systems

Products:
  • Firefox for Android
Versions: All versions < 141
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Firefox for Android, not desktop Firefox or other browsers. Default configuration is vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Users visit malicious phishing sites believing they're legitimate, leading to credential theft, malware installation, or financial fraud.

🟠 Likely Case

Users accidentally visit phishing sites due to misleading URL display, potentially exposing sensitive information.

🟢 If Mitigated

Users notice the truncated URL and verify the full address before proceeding, preventing successful phishing.

🌐 Internet-Facing: HIGH - This affects mobile browsers directly exposed to internet content and phishing attempts.
🏢 Internal Only: LOW - Primarily an internet-facing browser vulnerability, though internal phishing attempts could still occur.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (clicking a link) and convincing social engineering to hide malicious domains in truncated URLs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox for Android 141

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2025-56/

Restart Required: No

Instructions:

1. Open the Google Play Store
2. Search for Firefox
3. Tap Update if available
4. Alternatively, enable auto-updates in Play Store settings

🔧 Temporary Workarounds

Manual URL Verification (Android)

Always tap and hold URLs to see the full address before clicking.

Use Alternative Browser (Android)

Temporarily use Chrome or another browser until Firefox is updated.

🧯 If You Can't Patch

  • Train users to always verify full URLs before clicking links
  • Implement web filtering to block known phishing domains

🔍 How to Verify

Check if Vulnerable:

Open Firefox for Android > Settings > About Firefox. If version is less than 141, you are vulnerable.

Check Version:

Open Firefox > Settings > About Firefox

Verify Fix Applied:

After updating, test by visiting a long URL and verify the origin is displayed first in the address bar.

📡 Detection & Monitoring

Log Indicators:

  • Unusual user reports of suspicious URLs or phishing attempts

Network Indicators:

  • Increased traffic to known phishing domains from Firefox Android clients

SIEM Query:

Search for user reports containing 'firefox android url display' or 'phishing attempt'
