Vulnerability Details : CVE-2021-33595
A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.
Products affected by CVE-2021-33595
- cpe:2.3:a:f-secure:safe:*:*:*:*:*:iphone_os:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-33595
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 52 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-33595
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
3.5
|
LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
6.8
|
2.9
|
NIST | |
|
3.5
|
LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
2.1
|
1.4
|
F-Secure | |
|
3.5
|
LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
2.1
|
1.4
|
NIST |
References for CVE-2021-33595
-
https://www.f-secure.com/en/business/support-and-downloads/security-advisories
Security advisories | F-SecureVendor Advisory
-
https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595
CVE-2021-33595 | F-SecureVendor Advisory
-
https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
Hall of Fame | F-SecureVendor Advisory
Jump to