A vulnerability has threatened the online security of millions of cable modem users globally. Dubbed ‘Cable Haunt’, the vulnerability affects cable modems and allows remote attackers to take control of the device.
Researchers from the Danish security firm Lyrebirds have uncovered a vulnerability affecting cable modems. The bug, which they named ‘Cable Haunt’, puts the security of millions of devices around the world at risk.
In brief, the vulnerability exists in the spectrum analyzer component of Broadcom chips in cable modems. The spectrum analyzer is a component that identifies connection issues with the cable, such as interference. In most cable modems, access to this component is limited to the internal network.
However, the researchers found that it is possible for an attacker to exploit this component and gain access to the device. To do so, an attacker simply has to trick the user into clicking a malicious URL. In turn, the attacker will gain access to the local network, intercept private messages, reroute traffic, or set up botnets. Neither the user nor the ISP will ever detect the attack.
Regarding the exploit, the researchers stated in their white paper,
The researchers have set up a dedicated website for Cable Haunt that explains the details. They have also shared a white paper as well as the PoC for the exploit.
The vulnerability has been assigned the CVE number CVE-2019-19494. Another vulnerability, specifically targeting the Technicolor TC7230 modem, has been assigned the CVE ID CVE-2019-19495.
According to the researchers, the vulnerability affects numerous devices, at least 200 million in Europe alone. They have tested the vulnerability on a few of the modems listed, including Netgear, Sagemcom, and COMPAL modems, and a Technicolor modem.