Cybercriminals can exploit a critical vulnerability in Broadcom
chips, a hardware and software component in most of the world’s cable modems, to
intercept private messages and redirect traffic, and change default DNS
servers, MAC addresses of associated devices and serial numbers, according to a
paper
published by Danish security researchers.
The vulnerability, dubbed Cable Haunt, is estimated to have
affected more than 200 million devices in Europe alone. The number could be
much higher, considering that the original software was copied by different companies
in the manufacturing process of the firmware.
Of particular concern is that this newly discovered
vulnerability lets remote attackers execute random code on a modem, which is
responsible for all the Internet traffic that goes on your network and
connected devices.
In addition to its firmware programming errors, researchers
pointed out that the spectrum analyzer of the Broadcom chip uses default
credentials and lacks protection against DNS rebinding attacks.
“The attack can be executed by having the victim run malicious javascript,” the researchers said. The paper also stated that “a common avenue of attack would be a link that is opened in a browser, but could for example, also be done through ads on a trusted website or insecure email clients. The exploit starts when the malicious code has been sent to the client and is being executed. There are two verified ways of executing the request towards the modem.”
The good news is that most Scandinavian Internet service providers (ISPs) report that they have already patched the affected devices, while the team responsible for the discovery has set up a dedicated website for users to track developments.