CVE-2022-47524: CVE-2022-47524 | F-Secure

STATUS: Fixed

RISK LEVEL: Medium

FIX: No user action is required. Newer version 19.2 has been released in the automatic update channel since 22nd Dec 2022…

F‑Secure SAFE browser for Android is vulnerable to an IDN homo­graph attack when displaying messages containing malicious URLs. Trick that can deceive users into thinking they are visiting a legitimate web­site when in fact they are directed to a malicious homo­graph, domain name.

This issue was reported to F‑Secure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

F-Secure Corporation would like to thank Rafi Andhika Galuh for bringing this issue to our attention.