← Back

CVE-2021-44751

nvd nist
Published: Mar 25, 2022Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In most modern Android OS, dialer application will require user interaction, however, some older Android OS may not need user interaction.

Affected (1)

Products: F Secure: Safe
F Secure
1 product
Safe
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Safe
Before 18.5

Related CWEs

CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

Source: cve-notifications-us@f-secure.com
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable

Timeline

No history available yet.