“Recently, browsing leader Mozilla shared the result of an independent security audit on its VPN service,” reports Fossbytes.
“Upon inspection, a few vulnerabilities were discovered in the VPN, one of which was reportedly a major risk.”
In a blog post, Mozilla shared that Cure53, a Berlin-based cybersecurity firm, had identified and fixed the security vulnerabilities in its VPN… The most severe issue, labeled “FVP-02-014,” made the user vulnerable to cross-site WebSocket hijacking. Moreover, the medium-risk vulnerabilities revolved around “VPN leak via captive portal detection” and “Auth code leak” by injecting the port. However, these sophisticated terms shouldn’t worry you anymore as Cure53 has already addressed these weaknesses. There has also been no mention of any Mozilla VPN users falling victim to these either.
The Firefox developer’s public post that outlines the security flaws detected by the German firm provides users an insight into the potential risks of using a VPN. Moreover, these audits also help Mozilla iron out any issues that its one-year-old VPN service might have.