Multiple Zoho ManageEngine Products Vulnerabilities

May 23, 2025

CVE-2025-47181 – Microsoft Edge Chromium Based Vulnerability

May 23, 2025

Multiple Mozilla Firefox Vulnerabilities

May 23, 2025

Severity

Medium

Analysis Summary

CVE-2025-5020 CVSS:4.3

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS.

CVE-2025-4918 CVSS:7.5

Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read or write on a JavaScript `Promise` object. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

Impact

Denial of Service
Code Execution

Indicators of Compromise

CVE

CVE-2025-5020
CVE-2025-4918

Affected Vendors

Mozilla

Affected Products

Mozilla Firefox ESR - 128.10.0
Mozilla Firefox - 138.0.3
Mozilla Firefox ESR - 115.23.0
Mozilla Firefox for iOS - 138

Remediation

Refer to Mozilla Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-5020

CVE-2025-4918

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Zoho ManageEngine Products Vulnerabilities

CVE-2025-47181 – Microsoft Edge Chromium Based Vulnerability

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation