CVE-2022-38474

Summary

A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown once permission has been granted.<br />This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 104.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 104affected

Weaknesses

  • Recording notification not shown when microphone was recording on Android

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References