PT-2025-3810 · Mozilla+2 · Firefox+2

Jurrie Overgoor

Published

2025-01-07

Updated

2025-11-19

CVE-2025-0245

CVSS v2.0

6.1

Medium

Vector

AV:N/AC:H/Au:N/C:C/I:P/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 134

Description A user opt-in setting that requires authentication before using Focus could be bypassed under certain circumstances.

Recommendations For versions prior to 134, update to a version that includes the fix for this issue to ensure that the user opt-in setting for requiring authentication before using Focus is properly enforced.

Fix

Authentication Bypass Using an Alternate Path or Channel

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-288CWE-254

Related Identifiers

ALT-PU-2025-11100

ALT-PU-2025-14599

ALT-PU-2025-1984

ALT-PU-2025-2230

BDU:2025-02403

CVE-2025-0245

OPENSUSE-SU-2025:14630-1

Affected Products

Alt Linux

Astra Linux

Firefox

PT-2025-3810 · Mozilla+2 · Firefox+2

CVE-2025-0245

Weakness Enumeration

Related Identifiers

Affected Products

References · 29