CVE-2015-8512
First published: Sat Jan 09 2016(Updated: )
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox OS | <=2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-8512?
CVE-2015-8512 is classified as a medium severity vulnerability due to its potential for unauthorized access.
How do I fix CVE-2015-8512?
To mitigate CVE-2015-8512, update Mozilla Firefox OS to version 2.5 or higher where the vulnerability is addressed.
What types of attacks can exploit CVE-2015-8512?
CVE-2015-8512 can be exploited through brute force attacks on the lockscreen by guessing passcodes.
Which versions of Mozilla Firefox OS are affected by CVE-2015-8512?
CVE-2015-8512 affects all versions of Mozilla Firefox OS prior to 2.5.
What is the impact of CVE-2015-8512 on user security?
The impact of CVE-2015-8512 is that it allows physical attackers to gain unauthorized access to the device through repeated passcode attempts.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/mozilla
- canonical/mozilla firefox os
- version/mozilla firefox os/2.2