WebRTC.Local.IP.Addresses.Disclosure

description-logoDescription

This indicates an attempt to obtain the IP addresses of a user through WebRTC in various browsers.
The issue is due to a design in various browsers when handling WebRTC calls that probes STUN server to obtain a user's IP address. A potentially malicious actor can exploit this to obtain a user's local and public IP addresses, via a crafted web page.

affected-products-logoAffected Products

WebRTC 1.0 on Google Chrome
WebRTC 1.0 on Mozilla Firefox

Impact logoImpact

Information Disclosure: Remote attacker can obtain the IP address of a targeted user.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.
Monitor the traffic from that network for any suspicious activity.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-01-24 26.721 Severity:medium:low
2021-10-13 18.177 Sig Added
2019-10-30 14.714 Sig Added
2019-06-07 14.628 Severity:low:medium