Discover the impact of CVE-2021-45884 in Brave Desktop, where enabling CNAME-based adblocking together with a proxying extension leads to information disclosure. Learn how to mitigate and prevent the issue.
Brave Desktop versions 1.17 through 1.33 before 1.33.106 are affected by a vulnerability that leads to information disclosure when specific settings are enabled.
Understanding CVE-2021-45884
What is CVE-2021-45884?
In Brave Desktop versions 1.17 through 1.33 before 1.33.106, enabling CNAME-based adblocking along with a proxying extension using a SOCKS fallback can cause additional DNS requests to bypass the extension, potentially exposing sensitive information.
The Impact of CVE-2021-45884
The vulnerability can result in information disclosure because DNS requests are issued outside the intended proxying extension, using the system's DNS settings.
Technical Details of CVE-2021-45884
Vulnerability Description
The issue arises from incomplete fixes related to other CVEs (CVE-2021-21323 and CVE-2021-22916), allowing DNS requests to bypass the proxying extension.
Affected Systems and Versions
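The affected range stated on this page (1.17 through 1.33 before 1.33.106) can be applied to an inventory of installed versions. The following is an added example, not code from Brave or from the advisory; the four-part version form with a leading Chromium major and the sample inventory are assumptions.

```python
import re

# Range taken from the advisory text: 1.17 through 1.33, fixed in 1.33.106.
FIRST_AFFECTED = (1, 17, 0)
FIRST_FIXED = (1, 33, 106)

# First dotted token with three or four numeric fields.
_VERSION_RE = re.compile(r"(?<![\d.])(\d+(?:\.\d+){2,3})(?![\d.])")


def parse_brave_version(text):
    """Return (major, minor, patch) from the first version-like token, or None.

    Accepts the three-part Brave version ("1.33.106") and, as an assumption,
    a four-part form whose first field is the Chromium major ("96.1.33.106"),
    in which case that first field is dropped.
    """
    match = _VERSION_RE.search(text)
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")]
    if len(parts) == 4:
        parts = parts[1:]
    return tuple(parts)


def classify(text):
    """Classify a version string against the CVE-2021-45884 range."""
    version = parse_brave_version(text)
    if version is None:
        return "unknown"        # needs manual follow-up, not a pass
    if version < FIRST_AFFECTED:
        return "below-range"    # older than the range this CVE covers
    if version < FIRST_FIXED:
        return "affected"
    return "fixed"


# Constructed inventory (hostnames and version strings are sample data).
SAMPLE_INVENTORY = {
    "ws-01": "Brave Browser 96.1.33.103",
    "ws-02": "1.33.106",
    "ws-03": "1.16.76",
    "ws-04": "Brave 1.17.73 Chromium: 87.0.4280.67",
    "ws-05": "version not reported",
}

if __name__ == "__main__":
    for host, raw in SAMPLE_INVENTORY.items():
        print(f"{host}: {raw!r} -> {classify(raw)}")
```

A host in the affected range is only exposed when CNAME-based adblocking and a proxying extension with a SOCKS fallback are both enabled, so the result identifies candidates for upgrade rather than confirmed leaks.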
Exploitation Mechanism
Mitigation and Prevention
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates