Vulnerability-Lookup

CNVD-2026-02992

Vulnerability from cnvd - Published: 2026-01-13

Title

Mozilla Firefox for iOS欺骗漏洞（CNVD-2026-02992）

Description

Mozilla Firefox for iOS是美国Mozilla基金会的一款针对iOS设备设计的网页浏览器。 Mozilla Firefox for iOS存在欺骗漏洞，该漏洞是由于在使用Unicode从右向左字符时出现错误所致。攻击者可利用该漏洞在下载用户界面中伪造文件名。

Severity

高

Patch Name

Mozilla Firefox for iOS欺骗漏洞（CNVD-2026-02992）的补丁

Patch Description

Mozilla Firefox for iOS是美国Mozilla基金会的一款针对iOS设备设计的网页浏览器。 Mozilla Firefox for iOS存在欺骗漏洞，该漏洞是由于在使用Unicode从右向左字符时出现错误所致。攻击者可利用该漏洞在下载用户界面中伪造文件名。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已提供漏洞修复方案，请关注厂商主页更新： https://bugzilla.mozilla.org/show_bug.cgi?id=1984683

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1984683

Impacted products

Name
Mozilla Firefox for iOS <144.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-14744",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-14744"
    }
  },
  "description": "Mozilla Firefox for iOS\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u9488\u5bf9iOS\u8bbe\u5907\u8bbe\u8ba1\u7684\u7f51\u9875\u6d4f\u89c8\u5668\u3002\n\nMozilla Firefox for iOS\u5b58\u5728\u6b3a\u9a97\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u5728\u4f7f\u7528Unicode\u4ece\u53f3\u5411\u5de6\u5b57\u7b26\u65f6\u51fa\u73b0\u9519\u8bef\u6240\u81f4\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u4e0b\u8f7d\u7528\u6237\u754c\u9762\u4e2d\u4f2a\u9020\u6587\u4ef6\u540d\u3002",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1984683",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-02992",
  "openTime": "2026-01-13",
  "patchDescription": "Mozilla Firefox for iOS\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u9488\u5bf9iOS\u8bbe\u5907\u8bbe\u8ba1\u7684\u7f51\u9875\u6d4f\u89c8\u5668\u3002\r\n\r\nMozilla Firefox for iOS\u5b58\u5728\u6b3a\u9a97\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u5728\u4f7f\u7528Unicode\u4ece\u53f3\u5411\u5de6\u5b57\u7b26\u65f6\u51fa\u73b0\u9519\u8bef\u6240\u81f4\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u4e0b\u8f7d\u7528\u6237\u754c\u9762\u4e2d\u4f2a\u9020\u6587\u4ef6\u540d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mozilla Firefox for iOS\u6b3a\u9a97\u6f0f\u6d1e\uff08CNVD-2026-02992\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Mozilla Firefox for iOS \u003c144.0"
  },
  "referenceLink": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984683",
  "serverity": "\u9ad8",
  "submitTime": "2025-12-25",
  "title": "Mozilla Firefox for iOS\u6b3a\u9a97\u6f0f\u6d1e\uff08CNVD-2026-02992\uff09"
}

CVE-2025-14744 (GCVE-0-2025-14744)

Vulnerability from cvelistv5 – Published: 2025-12-18 14:21 – Updated: 2025-12-18 19:19

Title

Filename spoofing via Unicode Right-to-Left Override in Firefox for iOS

Summary

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS < 144.0.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-451 - User Interface (UI) Misrepresentation of Critical Information

Assigner

mozilla

References

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=1984683
	https://www.mozilla.org/security/advisories/mfsa2…

Impacted products

	Vendor	Product	Version
	Mozilla	Firefox for iOS	Affected: unspecified , < 144.0 (custom)

Credits

Azril

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-14744",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T19:12:45.595694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-451",
                "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T19:19:42.637Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox for iOS",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "144.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Azril"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS \u003c 144.0."
            }
          ],
          "value": "Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS \u003c 144.0."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T14:21:12.328Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984683"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2025-97/"
        }
      ],
      "title": "Filename spoofing via Unicode Right-to-Left Override in Firefox for iOS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2025-14744",
    "datePublished": "2025-12-18T14:21:12.328Z",
    "dateReserved": "2025-12-15T19:44:44.939Z",
    "dateUpdated": "2025-12-18T19:19:42.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-02992

CVE-2025-14744 (GCVE-0-2025-14744)

Tags

Sightings

Nomenclature