About: Cable Haunt

An Entity of Type: Thing, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

Cable Haunt is the code name assigned to represent two separate vulnerabilities that affect many of the cable modems in use around the world in 2020. These vulnerabilities allow an attacker to obtain external access to a cable modem and perform any number of activities intended to modify the operation of, or monitor the data passing through a cable modem. Modems impacted by Cable Haunt give remote attackers full (kernel level) control over the cable modem, allowing them to potentially:

Property Value
dbo:abstract
  • Cable Haunt is the code name assigned to represent two separate vulnerabilities that affect many of the cable modems in use around the world in 2020. These vulnerabilities allow an attacker to obtain external access to a cable modem and perform any number of activities intended to modify the operation of, or monitor the data passing through a cable modem. The problem lies with the Broadcom system-on-a-chip, which is used in many cable modems, specifically with the software running the spectrum analyzer, which protects against any power surges in the cable signal. It exposes an unsecured WebSockets interface that Cable Haunt can reach using JavaScript run in a victim's browser. Modems impacted by Cable Haunt give remote attackers full (kernel level) control over the cable modem, allowing them to potentially: * Modify or install new firmware on the modem * Change the modem's DNS server to redirect outbound traffic * Enlist the modem in a Distributed Denial of Service attack (DDoS) * Modify the modem MAC address or serial number * Disable patching and updating functions * Use a man-in-the-middle attack to skim data Most home and small businesses obtain their cable modems directly from their Internet service providers (ISPs). In situations where ISPs control the patching and firmware updating processes, subscribers must wait for cable providers to receive updated firmware from manufacturers and push it down to each individual modem. Cable companies were initially slow to respond to this threat, but now are actively working to get updates for customers. On January 19, 2020 Schrock Innovations, a computer repair company based in Lincoln, Nebraska, released executable programs for x64 Windows systems and OS X systems based on Lyrebirds' original JavaScript. These programs allowed less technically advanced users the ability to test their own connections. Users of the programs were instructed to contact their ISP if their modem was vulnerable in order to increase public pressure for patches to be created in order to address the vulnerability. (en)
dbo:wikiPageExternalLink
dbo:wikiPageID
  • 62863963 (xsd:integer)
dbo:wikiPageLength
  • 5164 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 1115674428 (xsd:integer)
dbo:wikiPageWikiLink
dbp:discoverer
  • Alexander Dalsgaard Krog , Jens Hegner Stærmose , Kasper Kohsel Terndrup , Simon Vandel Sillesen (en)
dbp:wikiPageUsesTemplate
dcterms:subject
rdfs:comment
  • Cable Haunt is the code name assigned to represent two separate vulnerabilities that affect many of the cable modems in use around the world in 2020. These vulnerabilities allow an attacker to obtain external access to a cable modem and perform any number of activities intended to modify the operation of, or monitor the data passing through a cable modem. Modems impacted by Cable Haunt give remote attackers full (kernel level) control over the cable modem, allowing them to potentially: (en)
rdfs:label
  • Cable Haunt (en)
owl:sameAs
prov:wasDerivedFrom
foaf:isPrimaryTopicOf
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License