CVE-2025-5687

Summary

A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.. This vulnerability was fixed in Mozilla VPN 2.28.0 (macOS).

Affected Software

VendorProductVersion RangeStatus
MozillaMozilla VPN 2.28.0(macOS) <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References