CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
52.7%
Paul Theriault of Mozilla discovered a privacy issue with a WiFi-related system message that wasn’t properly restricted to apps with the “wifi-manage” permission. As a result, even unprivileged apps could have received those messages, allowing them to extract limited information from a vulnerable Firefox OS device under certain rare conditions.
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | firefox_os | * | cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:* |