Mozilla Firefox and Focus for iOS Passkey Phishing Vulnerability via FIDO Links

Vulnerability

Firefox for iOS and Focus for iOS versions prior to 142 contain a vulnerability that allows malicious pages to send FIDO links that could be used to hijack passkeys. An attacker within Bluetooth range could exploit this to log into a target account using the victim's passkey.

Impact

Exploitation of this vulnerability could lead to unauthorized access to accounts by misusing the victim's passkey.

Remediation

Users can update to Firefox for iOS 142 or Focus for iOS 142 to address this vulnerability.

Added: Aug 19, 2025, 9:32 PM
Updated: Aug 19, 2025, 9:32 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 2.9
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.