{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-27424", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-02-24T20:03:31.187Z", "datePublished": "2025-03-04T13:31:28.256Z", "dateUpdated": "2026-04-13T14:29:04.860Z"}, "containers": {"cna": {"affected": [{"product": "Firefox for iOS", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "136", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136."}]}], "title": "Firefox Mobile iOS Address Bar Spoof Using Server-Side Redirect to non-http Scheme", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1945392"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-13/"}], "credits": [{"lang": "en", "value": "Renwa"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:29:04.860Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-601", "lang": "en", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-04T15:27:30.313856Z", "id": "CVE-2025-27424", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T15:30:08.306Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-27424", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-04T15:27:30.313856Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T15:30:02.838Z"}}], "cna": {"title": "Firefox Mobile iOS Address Bar Spoof Using Server-Side Redirect to non-http Scheme", "credits": [{"lang": "en", "value": "Renwa"}], "affected": [{"vendor": "Mozilla", "product": "Firefox for iOS", "versions": [{"status": "unaffected", "version": "136", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1945392"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-13/"}], "descriptions": [{"lang": "en", "value": "Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136.", "supportingMedia": [{"type": "text/html", "value": "Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:29:04.860Z"}}}, "cveMetadata": {"cveId": "CVE-2025-27424", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:29:04.860Z", "dateReserved": "2025-02-24T20:03:31.187Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-03-04T13:31:28.256Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DB4CDD0-EC54-43D0-ACB2-F159ABA53D2C", "versionEndExcluding": "136.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136."}, {"lang": "es", "value": "Los sitios web que redireccionan a una URL con un esquema que no sea HTTP podr\u00edan permitir que la direcci\u00f3n de un sitio web se falsifique para una p\u00e1gina maliciosa. Esta vulnerabilidad afecta a Firefox para iOS < 136."}], "id": "CVE-2025-27424", "lastModified": "2026-04-13T15:16:55.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-03-04T14:15:39.397", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1945392"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-13/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T18:20:09.887669+00:00", "value": {"mitigation_remediation": ["Upgrade Firefox for iOS to version 136 or later, which contains the authorized redirect validation fix.", "If an update is temporarily unavailable, use a mobile security tool or network filter to block redirects that target non\u2011http schemes from untrusted origins.", "Educate users not to trust URLs displayed in the address bar when they differ from or appear suspicious in relation to the site they are visiting."], "summary": {"action": "Patch", "impact": "Address Bar Spoofing (Phishing)"}, "threat_synthesis": {"affected_systems": "Mozilla Firefox for iOS is affected when it runs on versions released before 136. The fix was implemented in Firefox for iOS 136, so any earlier release exposes users to this address bar spoofing risk on iOS devices.", "description_and_impact": "The vulnerability is an open redirect flaw that allows a website to redirect a user to a URL using a non-http scheme, such as a custom scheme or app-specific URL. This can cause the address bar to display a legitimate domain while the user is actually navigated to a malicious page or application, creating a high risk of phishing or credential theft. The weakness is classified as CWE-601, which indicates that an attacker can redirect a user to an arbitrary external site or scheme without validation.", "risk_and_exploitability": "The CVSS score of 4.3 categorizes the vulnerability as low severity, and the EPSS score of less than 1% indicates a very low probability of exploitation under current conditions. The vulnerability is not listed in the CISA KEV catalog. An attacker would need only to craft a malicious link that triggers a server\u2011side redirect to a non-http scheme, which is feasible through a regular web page or email, and requires the victim to interact with the redirect. No elevated privileges or additional exploits are needed for the attack to succeed."}}}}, "created": "2026-04-20T18:30:13.977483+00:00", "updated": "2026-04-20T18:30:13.977498+00:00", "vendors": []}