Hundreds of Millions of Broadcom Modems “Haunted” by New Bug
Security researchers are warning of a new critical vulnerability affecting multiple cable modem manufacturers that use Broadcom chips — exposing hundreds of millions of users to remote attacks.
This opens up a range of potential options to the hackers, including: changing the default DNS server, disabling ISP firmware upgrades and covertly changing the code themselves, man-in-the-middle attacks and conscripting the device into a botnet.
Basically, it means being able to snoop on all traffic flowing into the modem, send users unwittingly to malicious domains and launch botnet attacks.
The scale of the problem is potentially immense — affecting many more devices than the 200 million estimated in Europe.
“The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware,” the researchers warned. “This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers.”
ISPs have been contacted by the team with a fix prior to disclosure, but the quartet claimed only to have had “limited success” with this approach. Models from Netgear, Sagemcom, Technicolor and Compal are among the 10 identified as affected.
However, the vulnerable spectrum analyzer in question is not directly exposed to the internet, making this attack a relatively complex endeavor and therefore not likely to be used in mass campaigns given the numerous other flaws that can be more easily exploited in routers.
Source: Information Security Magazine