Hundreds of Millions of Broadcom Modems “Haunted” by New Bug

Security researchers are warning of a new critical vulnerability affecting multiple cable modem manufacturers that use Broadcom chips — exposing hundreds of millions of users to remote attacks.

Discovered by three researchers from security consultancy Lyrebirds and an independent, the so-called “Cable Haunt” bug (CVE-2019-19494) is described as a buffer overflow, “which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser.”

Specifically, the flaw is found in Broadcom chip’s spectrum analyzer component, which is designed to identify problems with the modem cable connection. If attackers can first trick the user into opening a web page containing malicious JavaScript, possibly via a phishing email, then they can effect the buffer overflow, giving them access to the modem.

This opens up a range of potential options to the hackers, including: changing the default DNS server, disabling ISP firmware upgrades and covertly changing the code themselves, man-in-the-middle attacks and conscripting the device into a botnet.

Basically, it means being able to snoop on all traffic flowing into the modem, send users unwittingly to malicious domains and launch botnet attacks.

The scale of the problem is potentially immense — affecting many more devices than the 200 million estimated in Europe.

“The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware,” the researchers warned. “This means that we have not been able to track the exact spread of the vulnerability and that it might present i ..

Support the originator by clicking the read the rest link below.