F-SecureUSCVELIST:CVE-2021-40834CVE-2021-40834 User interface Spoofing in F-Secure SAFE browser for Android
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
4.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.1%
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing attack.
CNA Affected
[
{
"platforms": [
"Android"
],
"product": "F-Secure Mobile Security",
"vendor": "F-Secure",
"versions": [
{
"lessThan": "17.9*",
"status": "affected",
"version": "18.5x",
"versionType": "custom"
}
]
}
]Related
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
4.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.1%