Vulnerabilities > CVE-2021-33596 - Improper Restriction of Rendered UI Layers or Frames vulnerability in F-Secure Safe

CVSS 4.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

f-secure

CWE-1021

NVD

Published: 2021-08-05

Updated: 2021-08-12

Summary

Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.

Vulnerable Configurations

Part	Description	Count
Application	F-Secure F Secure Safe - F Secure Safe 17.7.260301 F Secure Safe 17.8.264411 F Secure Safe 18.3 F Secure Safe 18.3.272103	5

Common Weakness Enumeration (CWE)

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References