Description
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143.
Published: 2025-09-16
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Patch
AI Analysis

Impact

The vulnerability arises from inadequate protection of sensitive data within Firefox for Android's Privacy component, leading to potential exposure of user information. Attackers could exploit this flaw to read data that should remain private, breaching confidentiality. The weakness aligns with CWE-200, indicating information exposure.

Affected Systems

Mozilla Firefox for Android versions prior to 143. Firefox 143 and later include the fix. No other vendors or products are impacted by this vulnerability within the current CNA data.

Risk and Exploitability

The CVSS score of 7.5 signals a high impact if exploited. The EPSS < 1% indicates a low likelihood of exploitation at this time, and the vulnerability is not listed in CISA's KEV. Likely exploitation requires user interaction or local privilege escalation, as no remote execution vector is described. Therefore, while the risk is moderate, timely patching remains critical.

Generated by OpenCVE AI on April 20, 2026 at 17:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Firefox for Android to version 143 or later.
  • Configure device or app‑level restrictions to limit the Privacy component’s access to sensitive data if an update cannot be applied immediately.
  • Monitor Mozilla security advisories for any further patches or guidance related to this vulnerability.

Generated by OpenCVE AI on April 20, 2026 at 17:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-29553 This vulnerability affects Firefox < 143.
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability affects Firefox < 143. Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143.

Thu, 30 Oct 2025 16:30:00 +0000

Type Values Removed Values Added
Description This vulnerability affects Firefox < 143. Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability affects Firefox < 143.
Title firefox: Information disclosure, mitigation bypass in the Privacy component in Firefox for Android Information disclosure, mitigation bypass in the Privacy component in Firefox for Android

Fri, 19 Sep 2025 20:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Thu, 18 Sep 2025 00:15:00 +0000

Type Values Removed Values Added
Title firefox: Information disclosure, mitigation bypass in the Privacy component in Firefox for Android
References
Metrics threat_severity

None

threat_severity

Low


Wed, 17 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Vendors & Products Mozilla
Mozilla firefox

Tue, 16 Sep 2025 12:45:00 +0000

Type Values Removed Values Added
Description This vulnerability affects Firefox < 143.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:30:35.055Z

Reserved: 2025-09-16T06:48:48.904Z

Link: CVE-2025-10535

cve-icon Vulnrichment

Updated: 2025-09-17T14:03:49.853Z

cve-icon NVD

Status : Modified

Published: 2025-09-16T13:15:48.503

Modified: 2026-04-13T15:16:37.213

Link: CVE-2025-10535

cve-icon Redhat

Severity : Low

Publid Date: 2025-09-16T12:26:38Z

Links: CVE-2025-10535 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T18:00:11Z

Weaknesses