#VU72258 Security features bypass in Mozilla Firefox - CVE-2023-25740

Cybersecurity Help s.r.o.

Published: 2023-02-15

Vulnerability identifier: #VU72258

Vulnerability risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-25740

CWE-ID: CWE-254

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mozilla Firefox
Client/Desktop applications / Web browsers

Vendor: Mozilla

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error when handling .scf scrips that are opened by the browser from the local filesystem. A remote attacker can trick the victim into launching a specially crafted .scf script that then initiates network requests from the operating system to the malicious server. A remote attacker can obtain potentially sensitive information including NTLM credentials.

Note, the vulnerability affects Windows installations only.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 103.0 - 109.0

External links
https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for Mozilla Thunderbird

Multiple vulnerabilities in Firefox Focus for Android

Multiple vulnerabilities in Firefox for Android

Multiple vulnerabilities in Mozilla Firefox and Firefox ESR