Earlier this month, Lyrebirds, a security research group discovered an exploit which likely affects hundreds of millions of cable modems worldwide. They have dubbed it “Cable Haunt”, AKA CVE-2019-19494.
If you’re successfully attacked, your attackers are given full remote access to your modem and all the traffic flowing through it. This could include intercepting private communication, redirecting traffic, and even tell the modem to ignore system updates.
So far, researchers have not found evidence of attackers using the exploit in the wild, but warn that it would be very easy to hide evidence of the attack. Because it’s still a relatively difficult exploit to take advantage of, Lyrebirds believes that the average consumer won’t be targeted by the exploit (until “easy-to-use” exploit kits are developed and gain popularity).
As of January 15, 2020, the Cable Haunt exploit has been found affecting cable modems made by Netgear, Arris, COMPAL, Technicolor, and more. The flaw originates in Broadcom reference software, which has appeared in fairly common firmware for many household cable modems used worldwide.
Models known to be affected include:
*some firmware versions of those models might not be at risk
This attack is unique in that the average consumer doesn’t have access to update or fix their own modems (only routers). Due to that issue, there’s more pressure on internet service providers to roll out an update to address the problem. Many American ISPs have stated that they’re testing for the vulnerability now, and working on plans to mitigate anything they find.
If you think your modem is affected and you’re worried about getting it resolved quickly we recommend you reach out to your ISP directly to ask them about the status of the Cable Haunt fix.
If you’re tech-savvy and curious, this article has some steps you can take to learn if your specific device is affected, and Lyrebirds’ official page for Cable Haunt is being updated with much more in-depth information on the exploit as news comes to surface.
Sources:
https://www.tomsguide.com/news/cable-haunt-modem-flaw
https://threatpost.com/cable-haunt-remote-code-execution/151756/
Relentless digital innovation has defined the last few years. The symbiotic relationship between AI and…
Browser extensions have become as common as mobile apps. People tend to download many and…
Staying ahead in business often means embracing cutting-edge technologies. New tools can unlock new avenues…
In the digital age, data is the lifeblood of businesses. It fuels operations, decision-making, and…
The integration of smart home devices has become synonymous with modern living. They offer convenience,…
Microsoft 365 has a powerful suite of cloud-based productivity tools. They can help you work…