CVE-2025-55031

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 142 Focus for iOS versions prior to 142

Description: Malicious pages could exploit Firefox for iOS to pass FIDO links to the operating system, triggering the hybrid passkey transport. An attacker within Bluetooth range could potentially trick a user into using their passkey to log the attacker’s computer into the target account.

Recommendations: Update Firefox for iOS to version 142 or later. Update Focus for iOS to version 142 or later.

Fix

Open Redirect

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601CWE-200

Related Identifiers

BDU:2025-10483

CVE-2025-55031

Affected Products

Firefox For Ios

Focus For Ios

CVE-2025-55031

Weakness Enumeration

Related Identifiers

Affected Products

References · 11