High severity7.8NVD Advisory· Published Jun 11, 2025· Updated Apr 13, 2026
CVE-2025-5687
CVE-2025-5687
Description
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.*. This vulnerability was fixed in Mozilla VPN 2.28.0 (macOS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:mozilla:vpn:*:*:*:*:*:macos:*:*+ 1 more
- cpe:2.3:a:mozilla:vpn:*:*:*:*:*:macos:*:*range: <2.28.0
- (no CPE)range: <2.28.0
Patches
Vulnerability mechanics
References
2- www.mozilla.org/security/advisories/mfsa2025-48/nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdPermissions Required
News mentions
0No linked articles in our index yet.