PT-2024-37748 · Mozilla+2 · Firefox Android+2

Shaheen Fazim

·

Published

2024-07-09

·

Updated

2025-03-14

·

CVE-2024-6605

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox Android versions prior to 128
Description The issue allows for immediate interaction with permission prompts, which could be used for tapjacking.
Recommendations For versions prior to 128, update to version 128 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-277

Related Identifiers

ALT-PU-2024-13895
ALT-PU-2024-15839
CVE-2024-6605
OESA-2025-1265
OESA-2025-1268
OPENSUSE-SU-2024:14197-1
OPENSUSE-SU-2024:14572-1
OPENSUSE-SU-2024_3003-1
SUSE-SU-2024:2876-1
SUSE-SU-2024:3003-1

Affected Products

Alt Linux
Firefox Android
Suse