CVE-2023-37456

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 12, 2023

Updated: Jul 20, 2023

Summary

CVE-2023-37456 is a vulnerability affecting Firefox for iOS versions prior to 115. The session restore helper in the browser is susceptible to crashing when no parameter is sent to the message handler. This issue could potentially be exploited by an attacker to cause denial of service or gain unauthorized access to user data. The crash occurs due to a programming error in the helper, which fails to handle the absence of input parameters correctly. Users are advised to update their Firefox for iOS browsers to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mozilla Firefox

Affected Vendors

Mozilla

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5ZCK-
https://www.cve.org/CVERecord?id=CVE-2023-37456
https://nvd.nist.gov/vuln/detail/CVE-2023-37456

Back to Vulnerability Database