Intrusion Prevention

WebRTC.Local.IP.Addresses.Disclosure

Description

This indicates an attempt to obtain the IP addresses of a user through WebRTC in various browsers.
The issue is due to a design in various browsers when handling WebRTC calls that probes STUN server to obtain a user's IP address. A potentially malicious actor can exploit this to obtain a user's local and public IP addresses, via a crafted web page.

Affected Products

WebRTC 1.0 on Google Chrome
WebRTC 1.0 on Mozilla Firefox

Impact

Information Disclosure: Remote attacker can obtain the IP address of a targeted user.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.
Monitor the traffic from that network for any suspicious activity.