Cable Haunt - Wikipedia

submited by
Style Pass
2022-09-24 04:30:05

Cable Haunt is the code name assigned to represent two separate vulnerabilities that affect many of the cable modems in use around the world in 2020.[1][2] These vulnerabilities allow an attacker to obtain external access to a cable modem and perform any number of activities intended to modify the operation of, or monitor the data passing through a cable modem.[3]

The problem lies with the Broadcom system-on-a-chip, which is used in many cable modems, specifically with the software running the spectrum analyzer, which protects against any power surges in the cable signal.[3] It exposes an unsecured WebSockets interface that Cable Haunt can reach using JavaScript run in a victim's browser.[1]

Modems impacted by Cable Haunt give remote attackers full (kernel level[1]) control over the cable modem, allowing them to potentially:[4]

Leave a Comment