A researcher discovered several security flaws in Cox modems that allowed remote attackers to hack into the device. Exploiting the vulnerabilities could allow an adversary to gain control of the target coax modem, execute commands, and interfere with device settings.

Cox Modem Vulnerabilities Allow Remote Attacks

According to a recent post by researcher Sam Curry, several vulnerabilities affected Cox modem security, allowing remote modem hacking.

As described, a series of vulnerabilities combined to produce an authorization bypass in the backend API that allowed an adversary to take over a target Cox modem. Misuse of the exposed APIs could give an adversary access to users’ personal information, such as names, phone numbers, email addresses and account numbers. Moreover, the APIs also exposed Wi-Fi passwords and hardware MAC addresses of connected devices. This means that exploiting this particular vulnerability exposed all connected devices.

Because the weaknesses had been present in the modems for years, they exposed millions of devices to security vulnerabilities.

Elaborating further, the researcher explained that the vulnerabilities resulted in the exposure of around 700 APIs, some of which could allow admin access, letting an attacker execute unauthorized commands, edit device settings, and gain ISP-level permissions.

Patch deployed

Considering that Cox ranks among the top broadband, telephone cable, and phone carrier services in the U.S., the proportionally large number of vulnerable devices indicates the extent of damage in the event of malicious exploitation.

Thankfully, after the researcher’s report, Cox patched the vulnerabilities within 24 hours, preventing any active attacks. The firm also stated that it had not seen any exploitation attempts in the past.

However, an interesting aspect of the researcher’s report is the active hacking attack on his own modem. The unknown adversary kept the researcher’s device compromised for a long time, remaining undetected throughout. Although the researcher tried to trace the unknown adversary, and was able to find the vulnerabilities and follow them, he was unable to track the attacker on his own device.

However, now that Cox has deployed the patches, users should ensure that their devices are updated with the latest patches.

Let us know your thoughts in the comments.
