Vulnerabilities > CVE-2021-33595 - Unspecified vulnerability in F-Secure Safe

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

f-secure

NVD

Published: 2021-08-11

Updated: 2021-08-19

Summary

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

Vulnerable Configurations

Part	Description	Count
Application	F-Secure F Secure Safe - F Secure Safe 17.7.260301 F Secure Safe 17.8.264411 F Secure Safe 18.3 F Secure Safe 18.3.272103	5

References

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
https://www.f-secure.com/en/business/support-and-downloads/security-advisories
https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595