CVE-2025-6433: Vulnerability in Mozilla Firefox
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This vulnerability was fixed in Firefox 140 and Thunderbird 140.
AI Analysis
Technical Summary
This vulnerability allows a webpage with an invalid TLS certificate, for which the user has granted an exception, to present a WebAuthn challenge that the user may be prompted to complete. This violates the WebAuthn specification that mandates challenges only be presented over secure transports without errors. The flaw was addressed and fixed in Firefox 140 and Thunderbird 140 releases. The CVSS 3.1 base score is 9.8, reflecting network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability.
Potential Impact
If exploited, an attacker controlling a webpage with an invalid TLS certificate could trick a user who has manually accepted the certificate exception into completing a WebAuthn challenge. This undermines the security guarantees of WebAuthn, potentially allowing unauthorized authentication actions. The impact is rated critical due to the high CVSS score and the violation of WebAuthn security requirements. However, no known exploits are reported in the wild.
Mitigation Recommendations
This vulnerability is fixed in Mozilla Firefox 140 and Thunderbird 140. Users and administrators should update to these versions or later to remediate the issue. Since this is a client-side vulnerability, applying the official vendor updates is the recommended and effective mitigation. There is no indication from the vendor advisory that additional user actions or temporary mitigations are required.
CVE-2025-6433: Vulnerability in Mozilla Firefox
Description
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This vulnerability was fixed in Firefox 140 and Thunderbird 140.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability allows a webpage with an invalid TLS certificate, for which the user has granted an exception, to present a WebAuthn challenge that the user may be prompted to complete. This violates the WebAuthn specification that mandates challenges only be presented over secure transports without errors. The flaw was addressed and fixed in Firefox 140 and Thunderbird 140 releases. The CVSS 3.1 base score is 9.8, reflecting network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability.
Potential Impact
If exploited, an attacker controlling a webpage with an invalid TLS certificate could trick a user who has manually accepted the certificate exception into completing a WebAuthn challenge. This undermines the security guarantees of WebAuthn, potentially allowing unauthorized authentication actions. The impact is rated critical due to the high CVSS score and the violation of WebAuthn security requirements. However, no known exploits are reported in the wild.
Mitigation Recommendations
This vulnerability is fixed in Mozilla Firefox 140 and Thunderbird 140. Users and administrators should update to these versions or later to remediate the issue. Since this is a client-side vulnerability, applying the official vendor updates is the recommended and effective mitigation. There is no indication from the vendor advisory that additional user actions or temporary mitigations are required.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mozilla
- Date Reserved
- 2025-06-20T14:51:39.059Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 685aa0274dc24046c1dc5ab6
Added to database: 6/24/2025, 12:55:03 PM
Last enriched: 4/14/2026, 11:52:19 AM
Last updated: 5/8/2026, 1:41:57 PM
Views: 130
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.