Security researchers have shared a warning regarding a new vulnerability that could affect multiple cable modem manufacturers that use Broadcom chips. This vulnerability could expose hundreds of millions of users, resulting in remote attacks.
This gives the hackers a variety of potential options, including; changing the default DNS server; disabling
This opens up a range of potential options to the hackers, including the following:
- Changing the default DNS server
- Disabling ISP firmware upgrades and covertly changing the code themselves
- Man-in-the-middle attacks and conscripting the device into a botnet.
In other words, it can spy on any traffic that flows to the modem, send unsuspecting users to malicious domains and launch botnet attacks. The scale of the problem could be huge, affecting even more than the estimated 200 million in Europe.
“The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware,” the researchers warned. “This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers.”
The team have contacted ASPs with a proper fix for disclosure. However, it seems they have only had “limited success” with this approach. Models from Netgear, Sagemcom, Technicolor and Compal are some of the 10 that have been affected.
However, the vulnerable spectrum analyser in question is not directly exposed to the internet. As a result, fixing the problem is relatively complex and is unlikely to be used in mass campaigns given the variety of flaws that can be exploited with ease in routers.
Join us for ESRM March 2020
Whitehall Media’s prestigious biannual 12th ESRM conference is set to discuss how enterprises are increasing awareness from the board down, adopting effective incidence response planning, adding threat analytics to their security response and investigating security events with robust incident forensics.