Cable modems haunted by newly discovered cyber vulnerability


Tuesday, 14 January, 2020

Cable modems haunted by newly discovered cyber vulnerability

A newly discovered cyber vulnerability could be putting hundreds of millions of cable modems — and users’ information — at risk, according to a group of Danish security researchers. 

The vulnerability — dubbed ‘Cable Haunt’ — allows “remote attackers to execute arbitrary code on your modem” via one of its endpoints and could potentially be used to intercept private messages, redirect traffic or participate in botnets, the researchers said through a dedicated website

The problem lies in Broadcom’s chips’ spectrum analyser, which is used in cable modems from various manufacturers all over the world — including almost 200 million in Europe alone — and lacks protection against DNS rebinding attacks, uses default credentials and features a programming error, the researchers said. 

While the problem is clearly widespread, the researchers said it’s difficult to get a precise estimate of Cable Haunt’s reach.

“The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware,” the researchers said on their website. 

“This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers.”

Attackers can gain access to the modems by tricking users into accessing a malicious page via their web browser and relaying an exploit to the spectrum analyser, the researchers explained. They can then “change the default DNS server; conduct remote man-in-the-middle attacks; hot-swap code or even the entire firmware; silently upload, flash or upgrade firmware; disable internet service providers’ (ISP) firmware upgrades; change config files and settings; get and set SNMP OID values; change all associated MAC addresses and change serial numbers”, the researchers continued. 

The researchers are now calling on ISPs to test their modems using either the researchers’ proof-of-concept code or their test script and release firmware patches against the vulnerability. 

A list of known vulnerable cable modems can be found under the website’s ‘Am I Affected?’ tab. To date, the researchers know of six ISPs across Denmark, Norway, Sweden and Germany that have reportedly fixed their devices.

Image credit: ©stock.adobe.com/au/Proxima Studio

Related News

CrowdStrike to buy Adaptive Shield

CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...

LockBit named nastiest malware of 2024

LockBit, a ransomware malware known to have been used to attack Australian targets, has been...

Extreme Networks launches ZTNA solution

Extreme Networks' new ExtremeCloud Universal ZTNA solution combines cloud network access...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd