Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jul 18, 2022

CVE-2021-30533

High
EPSS 10.5%CISA KEV
Google/Chromium PopupBlocker

Description

Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

EPSS — Exploit Probability

10.5%

Higher than 93.2% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2021-30533

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
10.5%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

Jun 27, 2022

Added to KEV

Jun 27, 2022

Remediation Due

Jul 18, 2022

Affected Product

Google

Chromium PopupBlocker

View all Google CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE