Cable modems haunted by newly discovered cyber vulnerability

Tuesday, 14 January, 2020

Cable modems haunted by newly discovered cyber vulnerability

A newly discovered cyber vulnerability could be putting hundreds of millions of cable modems — and users’ information — at risk, according to a group of Danish security researchers. 

The vulnerability — dubbed ‘Cable Haunt’ — allows “remote attackers to execute arbitrary code on your modem” via one of its endpoints and could potentially be used to intercept private messages, redirect traffic or participate in botnets, the researchers said through a dedicated website

The problem lies in Broadcom’s chips’ spectrum analyser, which is used in cable modems from various manufacturers all over the world — including almost 200 million in Europe alone — and lacks protection against DNS rebinding attacks, uses default credentials and features a programming error, the researchers said. 

While the problem is clearly widespread, the researchers said it’s difficult to get a precise estimate of Cable Haunt’s reach.

“The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware,” the researchers said on their website. 

“This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers.”

Attackers can gain access to the modems by tricking users into accessing a malicious page via their web browser and relaying an exploit to the spectrum analyser, the researchers explained. They can then “change the default DNS server; conduct remote man-in-the-middle attacks; hot-swap code or even the entire firmware; silently upload, flash or upgrade firmware; disable internet service providers’ (ISP) firmware upgrades; change config files and settings; get and set SNMP OID values; change all associated MAC addresses and change serial numbers”, the researchers continued. 

The researchers are now calling on ISPs to test their modems using either the researchers’ proof-of-concept code or their test script and release firmware patches against the vulnerability. 

A list of known vulnerable cable modems can be found under the website’s ‘Am I Affected?’ tab. To date, the researchers know of six ISPs across Denmark, Norway, Sweden and Germany that have reportedly fixed their devices.

Image credit: © Studio

Related News

Lack of leadership buy-in biggest obstacle to digital trust: report

A new report from ISACA says that many organisations say that in five years digital trust will be...

Lack of customer confidence affecting security strategies: report

A survey from LogRhythm finds three-quarters of ANZ companies changed their security strategy...

IMT sector was Australia's most targeted in 2023: report

The information, media and technology sector has been the Australian industry most targeted...

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd