Protection Mechanism Failure

CVE-2025-54143

High

9.8/10

Summary

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-693 - Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References

Advisory Timeline

Published Aug 19, 2025

Protection Mechanism Failure

CVE-2025-54143

Summary

CWE-693 - Protection Mechanism Failure

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS