CVE-2025-54144: Internal Firefox open-text URL scheme allowed loading of arbitrary URLs in Mozilla Firefox for iOS

Medium
Published: Tue Aug 19 2025 (08/19/2025, 20:52:47 UTC)
Source: CVE Database V5
Vendor/Project: Mozilla
Product: Firefox for iOS

Description

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability affects Firefox for iOS < 141.

AI-Powered Analysis

Last updated: 08/27/2025, 01:11:50 UTC

Technical Analysis

CVE-2025-54144 is a medium-severity vulnerability affecting Mozilla Firefox for iOS versions prior to 141. The issue arises from the internal open-text URL scheme that Firefox uses to facilitate text query searches. This scheme was designed to let users perform a search within the browser by invoking a specific URL format. Because the input to this scheme was not properly validated or sanitized, an attacker could craft a link that abuses the scheme to load an arbitrary URL, including an external website or an internal browser page. The vulnerability is classified under CWE-601 (URL Redirection to Untrusted Site, commonly called Open Redirect). Exploitation requires user interaction: the victim must be tricked into clicking a maliciously crafted link. Once clicked, the link can send the user to a harmful website or phishing page, which could lead to follow-on attacks such as credential theft or malware delivery.

The CVSS v3.1 base score is 5.4, indicating medium severity. The vector string (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) shows that the attack can be performed remotely over the network with low attack complexity and no privileges, but requires user interaction. Confidentiality and integrity are affected to a limited extent; availability is not affected. No exploits in the wild are currently reported, and no official patches have been linked yet, though the vulnerability has been publicly disclosed as of August 19, 2025.

Potential Impact

For European organizations, this vulnerability poses a moderate risk, primarily through phishing and social engineering campaigns targeting employees who use Firefox for iOS. Because the flaw allows redirection to arbitrary URLs, attackers can use the legitimate Firefox URL scheme as a vector to bypass security filters or URL reputation checks. This can facilitate delivery of malicious payloads, credential harvesting, or drive-by downloads, potentially leading to data breaches or compromise of corporate credentials. Organizations with mobile workforces that rely on iOS devices and Firefox as a browser are particularly exposed, and the impact is heightened in sectors where sensitive data is accessed from mobile devices, such as finance, healthcare, and government. However, the user-interaction requirement and the medium severity score suggest the threat is not critical, though it should not be ignored. The absence of known exploits in the wild currently reduces immediate risk, but patching or mitigation should be prioritized to prevent future exploitation.

Mitigation Recommendations

1. Update Firefox for iOS to version 141 or later once the patch is released by Mozilla to fully remediate the vulnerability.
2. Until patches are available, implement mobile device management (MDM) policies to restrict or monitor the use of Firefox for iOS on corporate devices.
3. Educate users about the risks of clicking unsolicited or suspicious links, especially those received via email or messaging apps.
4. Employ URL filtering and web gateway solutions that can detect and block suspicious redirects, including those leveraging legitimate URL schemes.
5. Consider disabling or restricting the use of the Firefox open-text URL scheme if possible through configuration or policy controls.
6. Monitor network traffic for unusual redirection patterns originating from iOS devices using Firefox.
7. Encourage multi-factor authentication (MFA) to reduce the impact of credential compromise resulting from phishing attacks exploiting this vulnerability.

Technical Details

Data Version: 5.1
Assigner Short Name: mozilla
Date Reserved: 2025-07-17T02:35:52.285Z
CVSS Version: null
State: PUBLISHED

Threat ID: 68a4e678ad5a09ad00fb5d7e

Added to database: 8/19/2025, 9:02:48 PM

Last enriched: 8/27/2025, 1:11:50 AM

Last updated: 9/4/2025, 10:23:11 PM
