CVE-2025-4085 — Improper Privilege Management in Mozilla Firefox

CWE-269 — Improper Privilege Management CWE-200 — Sensitive Information Exposure9 documents8 sources

Severity

7.1HIGHNVD

EPSS

0.2%

top 59.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedApr 29

Latest updateFeb 2

Description

An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability was fixed in Firefox 138 and Thunderbird 138.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages3 packages

▶NVDmozilla/firefox< 138.0

▶NVDmozilla/thunderbird< 138.0

▶Ubuntumozilla/thunderbird< 1:140.7.1+build1-0ubuntu0.22.04.1

🔴Vulnerability Details

CVEList

Potential information leakage and privilege escalation in UITour actor↗2025-04-29

▶

GHSA

GHSA-8hvc-6h7p-6mcf: An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privi↗2025-04-29

▶

OSV

CVE-2025-4085: An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privi↗2025-04-29

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2026-02-02

▶

Red Hat

firefox: thunderbird: Potential information leakage and privilege escalation in UITour actor↗2025-04-29

▶

Debian

CVE-2025-4085: firefox - An attacker with control over a content process could potentially leverage the p...↗2025

▶

Mozilla

Mozilla Foundation Security Advisory 2025-31: CVE-2025-4085↗

▶

Mozilla

Mozilla Foundation Security Advisory 2025-28: CVE-2025-4085↗

▶