CVE-2021-33972

10.0 CRITICAL

📋 TL;DR

CVE-2021-33972 is a buffer overflow vulnerability in Qihoo 360 Safe Browser that allows attackers to execute arbitrary code with elevated privileges. This affects users running version 13.0.2170.0 of the browser. Successful exploitation could lead to complete system compromise.

💻 Affected Systems

Products:
  • Qihoo 360 Safe Browser
Versions: Version 13.0.2170.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific vulnerable version. Users must have the browser installed and running.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full system takeover with administrative privileges, allowing installation of persistent malware, data theft, and lateral movement across networks.

🟠 Likely Case: Local privilege escalation leading to unauthorized access to sensitive system resources and user data.

🟢 If Mitigated: Limited impact if browser runs with minimal privileges and proper security controls are in place.

🌐 Internet-Facing: LOW - This is primarily a local privilege escalation vulnerability requiring user interaction.
🏢 Internal Only: HIGH - Attackers with initial access could use this to escalate privileges within compromised systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit details and proof-of-concept code are publicly available through the provided references. Requires user interaction or initial access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 13.0.2170.0

Vendor Advisory: Not publicly documented by vendor

Restart Required: Yes

Instructions:

1. Open Qihoo 360 Safe Browser.
2. Click menu button (three horizontal lines).
3. Select 'About 360 Safe Browser'.
4. Allow browser to check for and install updates.
5. Restart browser when prompted.

🔧 Temporary Workarounds

Uninstall vulnerable version (Windows)

Remove the vulnerable browser version completely:

Control Panel > Programs > Uninstall a program > Select '360 Safe Browser' > Uninstall

Run with limited privileges (Windows)

Configure browser to run with standard user privileges instead of elevated rights:

Right-click browser shortcut > Properties > Compatibility > Run this program as an administrator (uncheck)

🧯 If You Can't Patch

  • Restrict browser execution through application whitelisting
  • Implement strict user privilege management to limit impact of privilege escalation

🔍 How to Verify

Check if Vulnerable:

Check browser version: Open browser > Menu > About 360 Safe Browser. If version is 13.0.2170.0, system is vulnerable.

Check Version:

Not applicable - check through browser GUI

Verify Fix Applied:

After update, verify version is higher than 13.0.2170.0 in About dialog.

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from browser executable
  • Failed privilege escalation attempts in security logs

Network Indicators:

  • Unusual outbound connections following browser execution

SIEM Query:

Process Creation where (Image contains '360se.exe' OR ParentImage contains '360se.exe') AND (CommandLine contains unusual parameters)
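
The query above leaves "unusual parameters" undefined. The following is an added example, not part of the original advisory, that makes the "unusual process creation from browser executable" indicator concrete over process-creation events: it flags children of 360se.exe that are outside an expected set or that run at a higher integrity level than the browser. Field names follow Sysmon Event ID 1; the sample events, the placeholder paths and the expected-children set are assumptions.

```python
import ntpath

BROWSER_EXE = "360se.exe"          # executable name from the SIEM query above
EXPECTED_CHILDREN = {"360se.exe"}  # assumption: tune per environment
RANK = {"Low": 0, "Medium": 1, "High": 2, "System": 3}

# Constructed sample events with Sysmon Event ID 1 field names; paths are placeholders.
SAMPLE_EVENTS = [
    {"ProcessGuid": "g1", "Image": r"C:\PLACEHOLDER\360se.exe", "IntegrityLevel": "Medium",
     "ParentProcessGuid": "g0", "ParentImage": r"C:\Windows\explorer.exe"},
    {"ProcessGuid": "g2", "Image": r"C:\PLACEHOLDER\360se.exe", "IntegrityLevel": "Low",
     "ParentProcessGuid": "g1", "ParentImage": r"C:\PLACEHOLDER\360se.exe"},
    {"ProcessGuid": "g3", "Image": r"C:\Windows\System32\cmd.exe", "IntegrityLevel": "System",
     "ParentProcessGuid": "g1", "ParentImage": r"C:\PLACEHOLDER\360se.exe"},
    {"ProcessGuid": "g4", "Image": r"C:\Windows\System32\notepad.exe", "IntegrityLevel": "Medium",
     "ParentProcessGuid": "g0", "ParentImage": r"C:\Windows\explorer.exe"},
]

def _name(path):
    """Lower-cased file name of a Windows path (empty string if missing)."""
    return ntpath.basename(path or "").lower()

def flag_browser_children(events, expected=EXPECTED_CHILDREN):
    """Return (ProcessGuid, reasons) for suspicious processes spawned by the browser."""
    level_by_guid = {}
    findings = []
    for ev in events:  # events are assumed to be in chronological order
        level_by_guid[ev["ProcessGuid"]] = ev.get("IntegrityLevel")
        if _name(ev.get("ParentImage")) != BROWSER_EXE:
            continue
        reasons = []
        if _name(ev.get("Image")) not in expected:
            reasons.append("unexpected-child")
        parent_level = level_by_guid.get(ev.get("ParentProcessGuid"))
        child_level = ev.get("IntegrityLevel")
        if (parent_level in RANK and child_level in RANK
                and RANK[child_level] > RANK[parent_level]):
            reasons.append("integrity-raised")
        if reasons:
            findings.append((ev["ProcessGuid"], reasons))
    return findings

if __name__ == "__main__":
    for guid, reasons in flag_browser_children(SAMPLE_EVENTS):
        print(guid, ",".join(reasons))
```

The integrity comparison only works when the parent's own creation event was seen earlier in the stream; children of a browser process started before collection began are still caught by the expected-children check.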

🔗 References
