
CVE-2025-10290: Vulnerability in Mozilla Focus for iOS

Medium
Published: Tue Sep 16 2025 (09/16/2025, 12:26:39 UTC)
Source: CVE Database V5
Vendor/Project: Mozilla
Product: Focus for iOS

Description

Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability affects Focus for iOS < 143.0.

AI-Powered Analysis

AILast updated: 10/31/2025, 04:38:50 UTC

Technical Analysis

CVE-2025-10290 affects Mozilla Focus for iOS before 143.0. When a user long-presses a link and opens it from the contextual menu, links to certain URL schemes fail to load, but the toolbar is not refreshed to reflect that failure. The toolbar, including the address shown to the user, can therefore disagree with the content actually on screen, and that mismatch is the precondition for website spoofing: an attacker who coerces a victim into long-pressing and explicitly opening a crafted link can keep attacker content on screen under a misleading address and lure the user into entering credentials or taking other unsafe actions. The issue is classed as CWE-451, User Interface (UI) Misrepresentation of Critical Information; the weakness lies in what the browser chrome displays, not in the content that is loaded. The CVSS v3.1 score given here is 6.5 (medium): network attack vector, low complexity, no privileges required, user interaction required, high integrity impact and no confidentiality or availability impact. Note that the CVE record itself carries no CVSS vector (Cvss Version is null in the Technical Details below), so the 6.5 is this page's assessment rather than the assigner's. No exploitation in the wild has been reported. The fix shipped in Focus for iOS 143.0; every earlier version is affected. The bug is a reminder that browser security UI must be updated on navigation failure as well as on success, because a stale address bar is exactly what spoofing attacks rely on.

Potential Impact

For European organizations the practical impact of CVE-2025-10290 is phishing and social engineering built on UI spoofing in Mozilla Focus on iOS. Focus is marketed as a privacy-focused browser, so its users may extend it more trust than is warranted against this class of bug, which makes a convincing spoof more likely to succeed. The direct effect is loss of integrity of the browsing UI; the downstream effects are credential theft, disclosure of data typed into a spoofed page, or installation of malware if the user is led to it, with data breaches or compromised endpoints as the eventual consequence. The attack requires the victim to long-press a link and explicitly choose to open it, so it does not fire on a plain tap; that is a barrier, but a modest one against a well-crafted lure. Organizations whose staff or customers use Focus on iOS, particularly in regulated sectors such as finance, healthcare and government, should treat unpatched installs as exposed. The absence of known exploits lowers immediate risk but does not remove it, now that the affected and fixed versions are public.

Mitigation Recommendations

1. Update Mozilla Focus for iOS to 143.0 or later; that is the actual fix. Where Focus is managed, push the update through MDM rather than relying on users to do it.
2. Until devices are updated, advise users to avoid opening links through the long-press contextual menu in Focus, and to check the address shown before entering credentials.
3. Where a critical workflow cannot wait for the update, use a browser that is current on security fixes for that task.
4. Include the behaviour in awareness training: a page whose content does not match the address bar, or a link that "opens" without the page visibly changing, is a warning sign.
5. Use MDM app-inventory reports to find devices running Focus below 143.0 and to enforce a minimum app version; restrict unapproved browsers where policy allows.
6. Keep DNS filtering and web proxies in place to block known phishing and malware domains; this blunts the lure even when the spoof itself succeeds.
7. iOS gives endpoint agents little visibility into in-browser rendering, so do not expect EDR to detect this spoof directly. Rely on patch compliance to remove the bug and on identity-side monitoring (new-device logins, unexpected MFA prompts, impossible travel) to catch the credential misuse that would follow a successful lure.
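The MDM inventory check from the list above, as an added example that is not part of this page or of Mozilla's advisory. It assumes the MDM exports a JSON list of records with `device`, `bundle_id` and `version` fields (the sample below is constructed) and that Focus is inventoried under the bundle identifier `org.mozilla.ios.Focus`; both are assumptions to adjust for your MDM. Versions are compared numerically, because a lexical comparison would wrongly treat "9.0" as newer than "143.0".

```python
"""
Added example (not from the advisory or from Mozilla): flag iOS devices whose
MDM app inventory reports Mozilla Focus below the first fixed release, 143.0.
"""
import json
import re
from typing import List, Optional, Tuple

FOCUS_BUNDLE_ID = "org.mozilla.ios.Focus"   # assumed bundle identifier
FIXED_VERSION = "143.0"                       # first fixed release per CVE-2025-10290


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Turn '142.1' or '143.1 (18001)' into a numeric triple; None if unparseable.

    Padding to three components makes '143' and '143.0' compare equal.
    """
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text or "")
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")][:3]
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]


def is_vulnerable(version: str) -> Optional[bool]:
    """True if below 143.0, False if at or above, None if the version is unknown."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    return parsed < parse_version(FIXED_VERSION)


def triage(inventory_json: str) -> Tuple[List[str], List[str]]:
    """Return (vulnerable_devices, unknown_devices) for Focus installs in the inventory.

    Records for other apps are ignored; records with an unparseable version
    are reported separately so they are reviewed rather than silently passed.
    """
    vulnerable: List[str] = []
    unknown: List[str] = []
    for rec in json.loads(inventory_json):
        if rec.get("bundle_id") != FOCUS_BUNDLE_ID:
            continue
        state = is_vulnerable(rec.get("version", ""))
        if state is None:
            unknown.append(rec["device"])
        elif state:
            vulnerable.append(rec["device"])
    return sorted(vulnerable), sorted(unknown)


# Constructed sample inventory; the shape is assumed, not taken from any real MDM.
SAMPLE_INVENTORY = json.dumps([
    {"device": "ipad-001",   "bundle_id": "org.mozilla.ios.Focus",   "version": "142.1"},
    {"device": "iphone-002", "bundle_id": "org.mozilla.ios.Focus",   "version": "143.0"},
    {"device": "iphone-003", "bundle_id": "org.mozilla.ios.Focus",   "version": "143.1 (18001)"},
    {"device": "iphone-004", "bundle_id": "org.mozilla.ios.Firefox", "version": "120.0"},
    {"device": "iphone-005", "bundle_id": "org.mozilla.ios.Focus",   "version": "9.0"},
    {"device": "iphone-006", "bundle_id": "org.mozilla.ios.Focus",   "version": ""},
])

if __name__ == "__main__":
    vuln, unk = triage(SAMPLE_INVENTORY)
    print("Focus < 143.0:", ", ".join(vuln) or "none")
    print("version unknown, review:", ", ".join(unk) or "none")
```

Feed the output to the MDM's minimum-version policy or to a ticket queue; the "unknown" list matters because an empty or malformed version string is usually a stale inventory record, not a patched device.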


Technical Details

Data Version
5.1
Assigner Short Name
mozilla
Date Reserved
2025-09-11T17:59:15.574Z
Cvss Version
null
State
PUBLISHED

Threat ID: 68c958bfff7c553b3ddd1ecd

Added to database: 9/16/2025, 12:31:59 PM

Last enriched: 10/31/2025, 4:38:50 AM

Last updated: 11/3/2025, 6:43:11 AM

