Cyber Resilience

CVE-2022-45418

Medium

Published: 22 December 2022

Published
22 December 2022
Modified
15 April 2025
KEV Added
Patch
CVSS Score v3.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score 0.0018 39.1th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-45418 is a medium-severity Improper Restriction of Rendered UI Layers or Frames (CWE-1021) vulnerability in Mozilla Firefox. Its CVSS base score is 6.1 (Medium).

Operationally, ranked at the 39.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5,…

more

and Firefox < 107.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

mozilla
firefox
≤ 107.0
mozilla
firefox esr
≤ 102.5
mozilla
thunderbird
≤ 102.5

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References