Danish researchers reported a security vulnerability affecting cable modems that use Broadcom chips, which is believed to impact about 200 million cable modems in Europe alone.
The Cable Haunt flaw is within the chips' spectrum analyzer, a hardware/software component that shields the modem from signal surges and cable-originating interruptions.
Internet service providers (ISPs) frequently use the analyzer in debugging connection quality, and the researchers warned the component is not protected against Domain Name System rebinding attacks; the analyzer also employs default credentials and hosts a firmware-based coding error.
The researchers said hackers can use a browser to communicate exploits to and execute commands on the analyzer by deceiving users into accessing a malicious page.
The researchers have established a dedicated Cable Haunt website to encourage ISPs to test their devices and issue firmware updates to patch the attack vector.
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found