CVE-2025-5020: Vulnerability in Mozilla Firefox for iOS
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.
AI Analysis
Technical Summary
This vulnerability involves Firefox for iOS improperly handling URLs with non-HTTP schemes opened from external applications such as Safari. Attackers could craft URLs that exploit this behavior to spoof website addresses within Firefox, potentially misleading users about the true destination. The issue was addressed and fixed in Firefox for iOS version 139, as detailed in Mozilla Foundation Security Advisory 2025-39.
Potential Impact
The vulnerability allows an attacker to spoof website addresses when URLs with non-HTTP schemes are opened from other apps, potentially misleading users. There is no impact on confidentiality or availability. The overall impact is low to medium given the nature of address spoofing without direct data compromise.
Mitigation Recommendations
Mozilla has released Firefox for iOS version 139 which fixes this vulnerability. Users and administrators should update to this version to remediate the issue. No additional mitigation steps are required as the vendor advisory confirms the issue is fixed.
CVE-2025-5020: Vulnerability in Mozilla Firefox for iOS
Description
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves Firefox for iOS improperly handling URLs with non-HTTP schemes opened from external applications such as Safari. Attackers could craft URLs that exploit this behavior to spoof website addresses within Firefox, potentially misleading users about the true destination. The issue was addressed and fixed in Firefox for iOS version 139, as detailed in Mozilla Foundation Security Advisory 2025-39.
Potential Impact
The vulnerability allows an attacker to spoof website addresses when URLs with non-HTTP schemes are opened from other apps, potentially misleading users. There is no impact on confidentiality or availability. The overall impact is low to medium given the nature of address spoofing without direct data compromise.
Mitigation Recommendations
Mozilla has released Firefox for iOS version 139 which fixes this vulnerability. Users and administrators should update to this version to remediate the issue. No additional mitigation steps are required as the vendor advisory confirms the issue is fixed.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mozilla
- Date Reserved
- 2025-05-21T01:18:07.391Z
- Cisa Enriched
- false
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682e0f74c4522896dcc513e2
Added to database: 5/21/2025, 5:37:56 PM
Last enriched: 4/14/2026, 11:49:04 AM
Last updated: 5/10/2026, 12:41:30 AM
Views: 77
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.