Cybercriminals can exploit a critical vulnerability in Broadcom chips, a hardware and software component in most of the world's cable modems, to intercept private messages, redirect traffic, and change default DNS servers, MAC addresses of associated devices and serial numbers, according to a paper published by Danish security researchers.
The vulnerability, dubbed Cable Haunt, is estimated to have affected more than 200 million devices in Europe alone. The number could be much higher, considering that different companies copied the original software when producing their own firmware.
Of particular concern is that this newly discovered vulnerability lets remote attackers execute arbitrary code on a modem, the device that handles all the Internet traffic for your network and connected devices.
In addition to its firmware programming errors, researchers pointed out that the spectrum analyzer of the Broadcom chip uses default credentials and lacks protection against DNS rebinding attacks.
“The attack can be executed by having the victim run malicious javascript,” the researchers said. The paper also stated that “a common avenue of attack would be a link that is opened in a browser, but could for example, also be done through ads on a trusted website or insecure email clients. The exploit starts when the malicious code has been sent to the client and is being executed. There are two verified ways of executing the request towards the modem.”
The good news is that most Scandinavian Internet service providers (ISPs) report that they have already patched the affected devices, while the team responsible for the discovery has set up a dedicated website for users to track developments.
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.