Vulnerability Description
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F-Secure | Safe | < 18.4.272901 |
Related Weaknesses (CWE)
References
- https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-Vendor Advisory
- https://www.f-secure.com/en/business/support-and-downloads/security-advisoriesVendor Advisory
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cVendor Advisory
- https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-Vendor Advisory
- https://www.f-secure.com/en/business/support-and-downloads/security-advisoriesVendor Advisory
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cVendor Advisory
FAQ
What is CVE-2021-33596?
CVE-2021-33596 is a vulnerability with a CVSS score of 3.5 (LOW). Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requir...
How severe is CVE-2021-33596?
CVE-2021-33596 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-33596?
Check the references section above for vendor advisories and patch information. Affected products include: F-Secure Safe.