Millions Of Cable Modems At Risk Of CVE-2019-19494 Flaw
Another security vulnerability was detected by cyber security researchers which was affecting cable modems. The vulnerability was first detected by team of Danish security researchers known as Lyrebirds ApS. According to researchers report, cyber criminals was affecting these modems with the help of Broadcom chips. The vulnerability is also known as CVE-2019-19494 which is termed as dubbed cable haunt. Research also reveals that the security flaw has put more than 200 million of cable modems in Europe. Some security analyst also assume that this vulnerability is not limited in Europe and it is getting wider and may put more cable modem at risk of remote hijacking.
Detail About (CVE-2019-19494) Cable Haunt Vulnerability
As per the webpage of security researcher team, cable haunt vulnerability is a critical issue. The vulnerability is in the cable modems which is manufactured by different international manufacturers. This security flaw of cable modems enables the cyber crooks to execute arbitrary code on modem. Because a modem consist of Internet traffic for every device on network, Cable haunt flaw can easily be exploited to bypass private communication, to redirect traffic or simply add that device to form a Botnet. In addition, the end point vulnerability is not limited to local network, crooks can also reach remote because of improper use of webstock. After that a buffer overflow attack has been carried out to access the vulnerable modem.
What Causes The The Cable Haunt Vulnerability?
The CVE-2019-19494 flaw is a result of a problem in Broadcom chips components which is known as spectrum analyzer. The spectrum analyzer is a kind of software and hardware component which is design to protect teh model from any kind of disturbance that comes from coax cable and signal surges. This component is also deployed by ISPs to debug the quality of connection. The issue arise because Broadcom chip spectrum analyzer are not completely protected against attack of DNS rebinding. In addition, it also utilize default credential and firmware of this component contains a programming error.
By making users to visit malicious page via browser, crooks can leverage the web browser to use flaw of faulty spectrum analyzed. As a result attackers get command execution on the infected device. In other words, Cable Hunt vulnerability could be used to execute several kind of malicious activities such as :
- Change default DNS server and swap entire firmware
- Disable ISP firmware upgrade and alter its settings
- Obtaining and setting values of SNMP OID
- Changing serial number of device and add it to Botnet
Who Are The Target Of This Vulnerability?
As said by the researchers, they have notified ISPs and manufacturers at largest possible way. However some ISPs which is contacted by researchers has informed that they are going to deliver firmware update to fix this vulnerability. So if you are also using cable modem and don’t want to get infected by this vulnerability then visit your manufacturer website and update the firmware as soon as possible.