Cable Haunt vulnerability: Millions of cable modems are vulnerable to new threat

Four Danish researchers have revealed details about a security flaw that impacted hundreds of millions of cable modem users

From your smartphones to the digital camera which you recently used during the holidays, technology has improved so much that cybercriminals can easily get a window to take control over the gadget. Recently four researchers from Denmark have revealed details about a security flaw that impacted hundreds of millions of cable modem users.

The vulnerability

As per the Danish researchers, this newly found vulnerability is codenamed as Cable Haunt. The new findings also suggested that it impacted an estimated 200 million cable modems in Europe alone, said the researchers on Friday, January 11.

It should be noted that the vulnerability impacts a standard component of Broadcom chips called a spectrum analyzer which is a hardware and software component that secures the modem from signal surges as well as other disturbances coming via the coax cable. One cable modem, access to this component is limited for connections from only the internal network.

But as per the new findings, the Broadcom chip spectrum analyzer lacks protection against DNS rebinding threats, uses default credential as well as contains a programming error in its firmware. As per the researchers, the threat actors can trick users into accessing malicious pages via the browser to relay an exploit to the vulnerable component and launch commands on the device.

cable modem
Cable modem Pixabay

Cable Haunt vulnerability

By using the vulnerability called the Cable Haunt the attacker can take 10 steps such as, changing the default DNS server, carry out remote man-in-the-middle attacks and they can also hot-swap code or even the entire firmware. The attackers can upload, flash and upgrade firmware silently or disable ISP firmware upgrade, change every configured file and settings and set SNMP OID values.

If they want with the help of this vulnerability they can also change all associated MAC Addresses, serial numbers and be exploited in the botnet.

Vulnerable systems

The Danish researchers understood that around 200 million devices are vulnerable across Europe only, but the total number of exploitable devices is quite difficult to figure out, so it could more.

One of the researchers stated that "The reason for this, is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware."

"This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers."