Sign In

Communications of the ACM

ACM TechNews

Hundreds of Millions of Cable Modems Vulnerable to Cable Haunt Vulnerability


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Logo of the Cable Haunt vulnerability.

Danish researchers have reported a security vulnerability affecting cable modems that use Broadcom chips.

Credit: ZDNet

Danish researchers reported a security vulnerability affecting cable modems that use Broadcom chips, which is believed to impact about 200 million cable modems in Europe alone.

The Cable Haunt flaw is within the chips' spectrum analyzer, a hardware/software component that shields the modem from signal surges and cable-originating interruptions.

Internet service providers (ISPs) frequently use the analyzer in debugging connection quality, and the researchers warned the component is not protected against Domain Name System rebinding attacks; the analyzer also employs default credentials and hosts a firmware-based coding error.

The researchers said hackers can use a browser to communicate exploits to and execute commands on the analyzer by deceiving users into accessing a malicious page.

The researchers have established a dedicated Cable Haunt website to encourage ISPs to test their devices and issue firmware updates to patch the attack vector.

From ZDNet
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found