CVE-2025-14744
Unicode RTLO Spoofing in Firefox for iOS Downloads UI
Publication date: 2025-12-18
Last updated on: 2026-04-13
Assigner: Mozilla Corporation
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mozilla | firefox_for_ios | 144.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-451 | The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks. |
AI Powered Q&A
How can this vulnerability impact me?
The impact of this vulnerability is that users might be deceived into downloading and saving files that appear to be safe or of a certain type, but are actually different or potentially harmful. This could lead to inadvertent execution of malicious files or exposure to security risks. [1]
Can you explain this vulnerability to me?
This vulnerability involves the use of Unicode Right-to-Left Override (RTLO) characters by malicious websites to spoof filenames in the downloads user interface of Firefox for iOS. This means attackers can manipulate how filenames appear, potentially tricking users into saving files with misleading or unexpected file types. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves Unicode RTLO characters spoofing filenames in the Firefox for iOS downloads UI. Detection means checking downloaded filenames for the RTLO character (Unicode U+202E). Because the issue is specific to Firefox for iOS and its downloads UI, no network commands are provided for detecting it. Users can manually inspect downloaded filenames for unexpected reversed text or unusual file extensions caused by RTLO characters. [1]
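One way to automate the filename check described above, as an added example that is not part of the original page or of Mozilla's fix: it flags U+202E and, as a generalization beyond the page, the other Unicode bidirectional controls, and reports the extension taken from the stored character order rather than the rendered one. The function names and sample filenames are constructed for illustration.

```python
import unicodedata

# Bidirectional formatting controls that can reorder how a filename is displayed.
# U+202E (RTLO) is the one named on the page; the rest are an added generalization.
BIDI_CONTROLS = {
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",  # LRE, RLE, PDF, LRO, RLO
    "\u2066", "\u2067", "\u2068", "\u2069",            # LRI, RLI, FSI, PDI
    "\u200e", "\u200f", "\u061c",                      # LRM, RLM, ALM
}

def inspect_filename(name):
    """Return a finding dict if name contains bidi controls, else None."""
    hits = [(i, ch) for i, ch in enumerate(name) if ch in BIDI_CONTROLS]
    if not hits:
        return None
    # The real extension comes from the stored (logical) character order,
    # after dropping the controls, not from what the UI renders.
    stripped = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    _, dot, ext = stripped.rpartition(".")
    return {
        "escaped": name.encode("unicode_escape").decode("ascii"),
        "controls": [f"U+{ord(ch):04X} {unicodedata.name(ch)} @ {i}" for i, ch in hits],
        "stripped": stripped,
        "real_extension": ext.lower() if dot else "",
    }

def scan(names):
    """Map each flagged filename to its finding."""
    return {n: f for n in names if (f := inspect_filename(n)) is not None}

# Constructed sample filenames (not taken from the advisory).
SAMPLES = [
    "report-2025.pdf",
    "invoice\u202efdp.exe",     # renders with a trailing "pdf"; stored extension is "exe"
    "notes\u2067txt\u2069.js",
    "r\u00e9sum\u00e9.docx",    # legitimate non-ASCII, must not be flagged
]

if __name__ == "__main__":
    for finding in scan(SAMPLES).values():
        print(finding["escaped"], "->", finding["real_extension"], finding["controls"])
```

The escaped form makes the invisible control visible in logs and tickets, which a plain directory listing does not.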
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update Firefox for iOS to version 144.0 or later, which includes the fix preventing RTLO character misuse in filenames. Avoid downloading files from untrusted websites and be cautious of filenames that appear suspicious or have unexpected file extensions. [1]