Cable Hang-out: Hundreds of thousands of Broadcom modems may very well be hacked


Some Broadcom cable modems have faulty firmware, which could mean more than 200 million homes at risk. Four Danish researchers, Alexander Dalsgaard Krog, Jens Hegner Stærmose, Kasper Kohsel Terndrup (from Lyrebirds) and the freelancer Simon Vandel Sillesen, discovered CVE-2019-19494, a bug that attacks man-in-the-middle, information theft and communication eavesdropping could enable DDoS attacks and so on.

“Cable modems are vulnerable to remote code execution over a web socket connection by bypassing normal CORS and SOC rules and then overflowing the registers and performing malicious functions. The exploit is possible because the web socket client is not sufficiently protected, the login information is incorrect, and the spectrum analyzer has a programming error, ”the researchers explained.

"These vulnerabilities allow an attacker to remotely control the entire unit and all traffic flowing through it, but is invisible to both the user and the ISP and can ignore system updates from remote systems."

Although the problem is clearly widespread, the researchers said it was difficult to get an accurate estimate of Cable Haunt's range. "The reason is that the vulnerability stems from reference software that appears to have been copied by various cable modem manufacturers when they created their cable modem firmware," the researchers said on their website.

"This means that we cannot understand the exact nature of the vulnerability and that it is presented in slightly different ways for different manufacturers."

The good news is that most Scandinavian Internet Service Providers (ISPs) report that they have already patched the affected devices while the discovery team has set up their own Cable Haunt website where users can follow developments ,