Monday, 18 November 2024

Safari, Chrome, Firefox Vulnerable to New Security Threat

A critical security flaw has been identified in three of the most widely used web browsers—Apple’s Safari, Google’s Chrome, and Mozilla’s Firefox—posing a significant risk of data breaches. The vulnerability, known as the “0.0.0.0-day attack,” exploits how these browsers handle queries to the 0.0.0.0 IP address, potentially allowing attackers to access private data stored on users’ devices.

Details of the Vulnerability

Cybersecurity experts at Oligo discovered that the flaw targets the way these browsers redirect users from the 0.0.0.0 IP address to other IPs, often leading to “localhost,” a private server or computer. Under this attack, a malicious request to the 0.0.0.0 IP address could trick the browser into revealing sensitive data, making the attack especially dangerous when paired with phishing or social engineering tactics.

The risk is particularly high for individuals and organizations managing web servers, as the attack surface is larger in these scenarios. Cybercriminals could exploit this vulnerability to gain access to private data and even internal private networks, opening numerous attack vectors.
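For operators of locally bound web services, one common hardening measure is to refuse any request whose Host or Origin header does not name an expected local address, so that a browser request sent to 0.0.0.0 is rejected. The following is an added example, not code from the article or from Oligo; the allowlist contents and the names `ALLOWED_HOSTS`, `split_host`, `origin_host`, `is_local_request` and `LocalOnly` are assumptions made for illustration.

```python
# Added example: Host/Origin allowlist for a service meant to be used only locally.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]"}  # assumption: legitimate names


def split_host(header):
    """Return the host part of a Host header, lowercased, without the port."""
    value = (header or "").strip().lower()
    if value.startswith("["):                 # bracketed IPv6 literal, e.g. [::1]:8080
        end = value.find("]")
        return value[: end + 1] if end != -1 else ""
    return value.rsplit(":", 1)[0] if ":" in value else value


def origin_host(origin):
    """Return the host part of an Origin header ('scheme://host[:port]')."""
    if "://" not in origin:
        return ""                             # includes the opaque origin "null"
    return split_host(origin.split("://", 1)[1])


def is_local_request(environ):
    """True only if Host (and Origin, when sent) name an allowed local host."""
    if split_host(environ.get("HTTP_HOST")) not in ALLOWED_HOSTS:
        return False                          # covers Host: 0.0.0.0:<port>
    origin = environ.get("HTTP_ORIGIN")
    if origin is not None and origin_host(origin) not in ALLOWED_HOSTS:
        return False                          # request was started by another site
    return True


class LocalOnly:
    """WSGI middleware that answers 403 unless is_local_request() passes."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        if not is_local_request(environ):
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"forbidden\n"]
        return self.app(environ, start_response)


if __name__ == "__main__":
    # Constructed sample headers, not captured traffic.
    for host in ("localhost:8080", "0.0.0.0:8080", "[::1]:8080"):
        print(host, "->", is_local_request({"HTTP_HOST": host}))
```

This check complements browser-side fixes and does not replace authentication on the local service.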

Response from Apple and Google

The flaw has already been exploited in the wild, prompting urgent action from developers. Apple and Google are actively working on fixes for their respective browsers. Avi Lumelsky, an AI security researcher at Oligo, emphasized the severity of the issue, noting that the attack could immediately expose developer code, internal messaging, and access to internal networks.

While the attack is mostly limited to web server hosts, a significant number of users remain at risk. Evidence of the flaw’s exploitation was confirmed by a Google security developer in a Chromium forum post earlier this year. However, the vulnerability affects only Apple devices, as Microsoft has already blocked the 0.0.0.0 IP address on Windows. Apple is expected to implement a similar block in the upcoming macOS 15 Sequoia beta.

Google is also preparing a fix for its Chromium and Chrome browsers, while Mozilla is still exploring solutions for Firefox.

As Apple, Google, and Mozilla work to resolve this vulnerability, users are advised to keep their browsers up-to-date with the latest patches and updates. Staying current with browser updates is crucial to protecting against potential cyber threats.
