On an Android phone, Mozilla Firefox constantly sends out SSDP discovery messages to other devices on the same WiFi network, because it is looking for a second-screen device to broadcast. So how does this SSDP Engine works in Android phones? SSDP stands for “Simple Service Discovery Protocol” which is a “UDP Protocol” and it is part of universal plug and play (uPnP) protocols that is used for discovering or finding other devices on the network. Now before we begin with the explanation of how the exploit works, allow us to explain what SSDP Engine stands for. What is SSDP Engine in Firefox Android Browser? This bug or vulnerability was originally discovered by an “Australian security researcher” Chris Moberly, the vulnerability resides in the “SSDP Engine” of the browser that can be exploited to attack the Firefox browser, installed on the victim’s android phone, which is connected to the same WiFi network connection as the attacker. Lukas Stefanko, who works for ESET, tweeted an alert message through his twitter account, which also has video demonstrating the exploitation of the recently disclosed “high-risk” remote code execution vulnerability affecting the Firefox browser app for Android platform. Firefox android browser, if you have it installed on your android phone make sure that it is upgraded to the latest version, as security researcher named “ Lukas Stefanko” has tweeted about a new bug which lets an attacker hijack the Mozilla Firefox browser remotely over a Wi-Fi network connection.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |