CVE-2021-33753: Microsoft Bing Search Spoofing Vulnerability

Overview

Severity

Medium (CVSS 4.7)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Jul

Released

2021-07-13

EPSS Score

0.98% (percentile: 76.8%)

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would have to visit a malicious page or click on a malicious link from within the application. How do I get the update for Bing Search for Android? Tap the Google Play icon on your home screen. Swipe in from the left edge of the screen. Tap My apps & games. Tap the Update box next to the Bing Search app. Is there a direct link on the web? Yes: https://play.google.com/store/apps/details?id=com.microsoft.bing&hl=en_US

Affected Products (1)

Apps

• Microsoft Bing Search for Android

Acknowledgments

<a href="https://twitter.com/imnarendrabhati">Narendra Bhati</a> with <a href="https://www.sumasoft.com/">Lead Penetration Tester at Suma Soft Pvt. Ltd. India</a>

Revision History

• 2021-07-13: Information published.