

Severity
Medium
Analysis Summary
CVE-2025-27425 CVSS:4.3
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability affects Firefox for iOS < 136.
CVE-2025-27426 CVSS:5.4
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability affects Firefox for iOS < 136.
CVE-2025-27424 CVSS:4.3
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability affects Firefox for iOS < 136.
CVE-2025-1943 CVSS:8.2
Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136 and Thunderbird < 136.
CVE-2025-1938 CVSS:6.5
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVE-2025-1942 CVSS:6.5
When String.toUpperCase() caused a string to get longer, it was possible for uninitialized memory to be incorporated into the result string. This vulnerability affects Firefox < 136 and Thunderbird < 136.
CVE-2025-1935 CVSS:4.3
A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
Impact
- Gain Access
- Code Execution
Indicators of Compromise
CVE
CVE-2025-27425
CVE-2025-27426
CVE-2025-27424
CVE-2025-1943
CVE-2025-1938
CVE-2025-1942
CVE-2025-1935
Affected Vendors
Affected Products
- Mozilla Firefox for iOS 135
- Mozilla Firefox 135
- Mozilla Thunderbird 135
- Mozilla Firefox ESR 128.7
- Mozilla Thunderbird 128.7
Remediation
Refer to Mozilla Firefox Security Advisory for patch, upgrade, or suggested workaround information.
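For triaging an inventory against the version ranges listed above, the following is an added example, not part of the original advisory or of any Mozilla tooling. It assumes inventory strings in the form printed by `--version`, with ESR builds carrying an `esr` suffix; the function names and sample strings are constructed for illustration.

```python
import re

# (CVE, CVSS, {product key: first fixed version}) as stated in the advisory above.
ADVISORY = [
    ("CVE-2025-27425", 4.3, {"firefox-ios": (136,)}),
    ("CVE-2025-27426", 5.4, {"firefox-ios": (136,)}),
    ("CVE-2025-27424", 4.3, {"firefox-ios": (136,)}),
    ("CVE-2025-1943", 8.2, {"firefox": (136,), "thunderbird": (136,)}),
    ("CVE-2025-1938", 6.5, {"firefox": (136,), "firefox-esr": (128, 8),
                            "thunderbird": (136,), "thunderbird-esr": (128, 8)}),
    ("CVE-2025-1942", 6.5, {"firefox": (136,), "thunderbird": (136,)}),
    ("CVE-2025-1935", 4.3, {"firefox": (136,), "firefox-esr": (128, 8),
                            "thunderbird": (136,), "thunderbird-esr": (128, 8)}),
]

# Assumed input format: "Mozilla Firefox 128.7.0esr", "Firefox for iOS 135.1", ...
_VERSION_RE = re.compile(
    r"^(?:Mozilla )?(Firefox for iOS|Firefox|Thunderbird) (\d+(?:\.\d+)*)(esr)?$")

def parse_build(line):
    """Return (product_key, version_tuple), or None for an unrecognised string."""
    m = _VERSION_RE.match(line.strip())
    if not m:
        return None
    name, ver, esr = m.groups()
    key = "firefox-ios" if name == "Firefox for iOS" else name.lower()
    if esr:
        key += "-esr"  # ESR builds are matched against the 128.8 threshold only
    return key, tuple(int(p) for p in ver.split("."))

def open_cves(line):
    """CVEs from the advisory that still apply to this build, highest CVSS first."""
    parsed = parse_build(line)
    if parsed is None:
        raise ValueError(f"unrecognised version string: {line!r}")
    key, version = parsed
    # Tuple comparison is safe here because the thresholds have no trailing zeros:
    # (128, 8, 0) is not below (128, 8), while (128, 7, 0) and (135, 0, 1) are below theirs.
    hits = [(cvss, cve) for cve, cvss, fixed in ADVISORY
            if key in fixed and version < fixed[key]]
    return [cve for cvss, cve in sorted(hits, key=lambda h: -h[0])]

if __name__ == "__main__":
    # Constructed sample inventory, not real host data.
    for build in ["Mozilla Firefox 135.0.1", "Mozilla Firefox 128.7.0esr",
                  "Mozilla Thunderbird 128.8.0esr", "Firefox for iOS 135.1"]:
        print(f"{build}: {', '.join(open_cves(build)) or 'no listed CVEs apply'}")
```

A build without the `esr` suffix is compared against the 136 threshold, so a 128.x string recorded without its channel is reported as affected by every desktop CVE in the list.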