WebAuthn Vulnerabilities: Browser Weaknesses Allow Hackers to Obtain Credentials

Bitget-RWA2025/09/22 07:38
By:Coin World

- SlowMist's 23pds warns WebAuthn login systems face credential theft via malicious browser extensions or XSS attacks, enabling forced password fallbacks and key manipulation.
- Critical Firefox flaw CVE-2025-6433 (CVSS 9.8) allows attackers to bypass secure TLS requirements by exploiting certificate exception prompts during WebAuthn challenges.
- SquareX researchers demonstrate passkey-based logins can be compromised through browser environment attacks, injecting malicious JavaScript to forge authenticati

23pds, Chief Information Security Officer at SlowMist, has warned of security gaps in WebAuthn key-based logins, pointing to attack vectors that can undermine the authentication standard [2]. According to him, an attacker who controls the browser environment of the login page, through a malicious browser extension or a cross-site scripting (XSS) flaw on the site, can take over the calls the page makes to the WebAuthn API. That control can be used to force a fallback to password login or to tamper with the registration of authentication keys, yielding stolen credentials without any direct access to the user's device or its biometric check, such as Face ID [2]. The risk is greatest for users who rely on key-based logins on sites with unpatched flaws, or who have installed a compromised extension, since either can lead to account takeover or identity theft [2].

A separate issue, tracked as CVE-2025-6433, affects Firefox versions before 140. In these versions, if a user accepted an exception for an invalid TLS certificate, the site could still present a WebAuthn challenge that the browser prompted the user to complete [1]. This violates the WebAuthn specification's requirement that ceremonies run only over a secure transport established without errors [1]; the requirement matters because a signed assertion is bound to the relying-party ID and origin the browser reports, so an attacker who can get a victim to accept a bogus certificate undermines the guarantee that those values came from a verified server. The flaw carries a Critical rating with a CVSS score of 9.8, and both Firefox and Thunderbird releases before version 140 are affected [3]. Exploitation requires user interaction: the victim must visit a site presenting an invalid TLS certificate and accept the exception, after which the attacker can trigger a WebAuthn prompt and sidestep the browser's normal safeguards [3].

Researchers at SquareX, an enterprise browser security company, have likewise shown how passkey and WebAuthn logins can be manipulated from a compromised browser [4]. Their demonstration injects JavaScript that simulates the WebAuthn registration and authentication ceremonies. If a user is tricked into installing a rogue extension, or if the attacker exploits XSS on the target site, the injected script can re-initiate passkey registration or push the user back to a password login. This sidesteps the phishing resistance that passkeys are designed to provide [4]. Rather than attacking the cryptographic core of passkeys, the technique exploits weaknesses in how browsers expose and implement the WebAuthn APIs, where the page's own scripts mediate every call [4].

These findings call for layered defenses. Users should install only trustworthy browser extensions and should not accept exceptions for invalid TLS certificates [1]. Organizations should update Firefox and Thunderbird to version 140 or later to close CVE-2025-6433 [1]. Developers must treat certificate errors as hard failures and follow secure coding practices, in particular preventing XSS, since any script running in the page can hijack its WebAuthn calls [4].

WebAuthn, a joint W3C and FIDO Alliance standard, is intended to replace passwords with public-key cryptography [2]. The recent findings show that its guarantees depend on correct integration and on the absence of vulnerabilities in the browser and surrounding software. Experts note that although WebAuthn offers stronger phishing protection than password-based multi-factor authentication, adoption has been gradual [5]. The newly disclosed weaknesses underline the need for continuous monitoring and prompt security updates to keep passwordless authentication trustworthy [5].

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
