Mozilla has fixed a bug that could be used to control all Firefox browsers on
The bug was discovered by Chris Moberly, an Australian security researcher at GitLab. They urged Mozilla to fix it as soon as possible.
He indicated that the vulnerability is in the componentFirefox SSDP. SSDP is a Simple Service Discovery Protocol and is a mechanism by which Firefox finds other devices on the same network to exchange or receive content (for example, video streaming)
Found a neat little Firefox for Android bug. Current version is not vulnerable, please make sure you are up to date. ? https://t.co/p31XPGBsze pic.twitter.com/coG3tcMiAI
— initstring (@init_string) September 15, 2020
The researcher explained that this bug is especiallydangerous in a scenario where a hacker enters an airport or a shopping mall, connects to a Wi-Fi network, and then can hijack all the devices that are connected to it.
Another scenario is if an attacker is targetingvulnerable Wi-Fi routers. Attackers can use the vulnerability to hijack legacy routers and then send spam to the company's internal network and force employees to re-authenticate on phishing pages.
The bug was reportedly fixed in Firefox 79.
Read also
The Doomsday glacier turned out to be more dangerous than scientists thought. We tell the main thing
Two pieces of evidence of extraterrestrial life emerged at once. One on Venus, the other - no one knows where
Hybrid vehicles are more environmentally hazardous than diesel vehicles. We tell the main thing