Cable modems haunted by newly discovered cyber vulnerability


Tuesday, 14 January, 2020


Cable modems haunted by newly discovered cyber vulnerability

A newly discovered cyber vulnerability could be putting hundreds of millions of cable modems — and users’ information — at risk, according to a group of Danish security researchers. 

The vulnerability — dubbed ‘Cable Haunt’ — allows “remote attackers to execute arbitrary code on your modem” via one of its endpoints and could potentially be used to intercept private messages, redirect traffic or participate in botnets, the researchers said through a dedicated website

The problem lies in Broadcom’s chips’ spectrum analyser, which is used in cable modems from various manufacturers all over the world — including almost 200 million in Europe alone — and lacks protection against DNS rebinding attacks, uses default credentials and features a programming error, the researchers said. 

While the problem is clearly widespread, the researchers said it’s difficult to get a precise estimate of Cable Haunt’s reach.

“The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware,” the researchers said on their website. 

“This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers.”

Attackers can gain access to the modems by tricking users into accessing a malicious page via their web browser and relaying an exploit to the spectrum analyser, the researchers explained. They can then “change the default DNS server; conduct remote man-in-the-middle attacks; hot-swap code or even the entire firmware; silently upload, flash or upgrade firmware; disable internet service providers’ (ISP) firmware upgrades; change config files and settings; get and set SNMP OID values; change all associated MAC addresses and change serial numbers”, the researchers continued. 

The researchers are now calling on ISPs to test their modems using either the researchers’ proof-of-concept code or their test script and release firmware patches against the vulnerability. 

A list of known vulnerable cable modems can be found under the website’s ‘Am I Affected?’ tab. To date, the researchers know of six ISPs across Denmark, Norway, Sweden and Germany that have reportedly fixed their devices.

Image credit: ©stock.adobe.com/au/Proxima Studio

Related News

NAB using voice biometrics to verify customers

NAB has signed on 120,000 customers to its VoiceID biometrics authentication service since its...

New malware can steal data from air-gapped systems

ESET researchers have uncovered a new malware toolkit that appears to be designed to exfiltrate...

Legislation passed to protect COVIDSafe app data

The Privacy Amendment Act 2020 will prescribe civil and criminal penalties for app...


  • All content Copyright © 2020 Westwick-Farrow Pty Ltd