Closed Bug 1893622 Opened 1 year ago Closed 1 year ago

Latest Android Nightly: Hiding Full Screen Notification with WebAuthn Attestation prompt leading to spoof

Categories: Firefox for Android :: General, defect

RESOLVED DUPLICATE of bug 1865413

People

(Reporter: proof131072, Unassigned)

Details

(Keywords: csectype-spoof, reporter-external, Whiteboard: [reporter-external] [client-bounty-form] [verif?])

Attachments

(1 file)

We are able to spoof the address bar with WebAuthn Attestation prompt since it hides the Full Screen Notification.

Steps to reproduce:

  1. Go to https://pwning.click/webauthn2.php

  2. Tap on "START" and "Click here!"

Please note that this has a different root cause to https://bugzilla.mozilla.org/show_bug.cgi?id=1881902 and https://bugzilla.mozilla.org/show_bug.cgi?id=1884642 since they work on both Nightly and Focus while this only works on Nightly.

Flags: sec-bounty?

The impact of this issue is also similar to this High Severity Chrome Full Screen Spoof issue https://issues.chromium.org/issues/40057591 since this is the default notification and affects all users regardless of settings, though.

Group: firefox-core-security → mobile-core-security
Component: Security → General
Product: Firefox → Fenix
Status: NEW → RESOLVED
Closed: 1 year ago
Duplicate of bug: 1865413
Keywords: csectype-spoof
Resolution: --- → DUPLICATE
See Also: → 1865413
Flags: sec-bounty? → sec-bounty-
Group: mobile-core-security