Jump to content

Cable Haunt

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Palosirkka (talk | contribs) at 08:32, 1 August 2020 (WebSockets, JavaScript). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Cable Haunt
CVE identifier(s)CVE-2019-19494, CVE-2019-19495
DiscovererAlexander Dalsgaard Krog (Lyrebirds), Jens Hegner Stærmose (Lyrebirds), Kasper Kohsel Terndrup (Lyrebirds), Simon Vandel Sillesen (Independent)

Cable Haunt is the code name assigned to represent two separate vulnerabilities that impact many of the cable modems in use around the world today.[1][2] These vulnerabilities allow an attacker to obtain external access to a cable modem and perform any number of activities intended to modify the operation of, or monitor the data passing through a cable modem.[3]

The problem lies with the Broadcom system-on-a-chip, which is used in many cable modems. Specifically with the software running the spectrum analyzer, which protects against any power surges in the cable signal.[3] It exposes an unsecured WebSockets interface that Cable Haunt can reach using JavaScript.

Modems impacted by Cable Haunt could allow remote attackers to potentially:[4]

Most home and small businesses obtain their cable modems directly from their internet service providers (ISPs). In situations where ISPs control the patching and firmware updating processes, subscribers must wait for cable providers to receive updated firmware from manufacturers and push it down to each individual modem. Initially cable companies were slow to respond to this threat, but now are actively working to get updates for customers.[5]

On January 19, 2019 Schrock Innovations, a computer repair company based in Lincoln, Nebraska released executable programs for x64 Windows systems and OSX systems based on Lyrebirds' original javascript. These programs allowed less technically advanced users the ability to test their own connections. Users of the programs were instructed to contact their ISP if their modem was vulnerable in order to increase public pressure for patches to be created in order to address the vulnerability.[6]

References

  1. ^ "CVE-2019-19494". Common Vulnerabilities and Exposures. Retrieved 2020-01-19.
  2. ^ "CVE-2019-19495". Common Vulnerabilities and Exposures. Retrieved 2020-01-19.
  3. ^ a b "Hundreds of millions of cable modems could be hacked due to 'Cable Haunt' flaw". Tom's Guide. January 14, 2020. Retrieved 2020-04-26.
  4. ^ Cimpanu, Catalin (January 10, 2020). "Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability". ZDNet. Retrieved 2020-01-19.
  5. ^ "'Cable Haunt' Bug Plagues Millions of Home Modems". threatpost.com. Retrieved 2020-01-19.
  6. ^ Schrock, Thor. "Cable Haunt". Retrieved 2020-01-19.

Further reading