Cable haunt arris

Welcome to the Intel Puma 6 modem list chipset defects explanation page. Below you will find information on what the Puma 6 problem is, the modems to avoid purchasing, and the class action lawsuit. These severe network latency spikes interfere with online gaming, streaming video, or simply surfing the web.

Network jitter variable latency also causes problems.

New exploit affects 200 million+ cable modems worldwide

The Puma 6 modems suffer from both latency and jitter. Some firmware updates have only temporarily fixed the problem and it seems Intel has no real fix for the issue.

Consequently, these bad internet connections landed cable modem maker ARRIS in trouble with a pending lawsuit filed in California. If you own one of the affected modems listed belowyou can file your issues and get alerts to any possible legal action against Intel and the cable modem brands particularly ARRIS.

Looking at the cable modem package is the easiest way to find if a modem is potentially defective. If you see an Intel logo on the box, stay away from it. Reports of the Puma 7 chipsets may also be defective, so the best thing to do is avoid any cable modem with Intel inside.

Note: not all Intel Puma chipset modems will have an Intel logo on the front of the modem package. Therefore, read the Intel Puma 6 modem list below to avoid purchasing a possibly defective modem. Do not buy these modems to avoid current and future problems with the Intel Puma chipsets.

This list also includes Intel Puma 7 chipset modems.

cable haunt arris

Devices highlighted in bold are the more popular cable modems best-selling modems. However, to show complete approved modem lists for each internet service provider, modems listed for each company may contain bad modems too. While one of the Do Not Buy modems may work fine for your use, using a device known to have a serious issue involves risk.


The cable modem may work properly for a few weeks and then problems could occur later. Skip any potential problems now and go with another approved cable modem for your internet service provider without Intel inside. I have well over 50 reports of this for our clients through my job.

Those model numbers were actually intentionally left off the Do Not Buy list because none of the ISPs have approved those modems you referenced. Therefore, those modems do not place on the list. Yes, they are bad Intel Puma modems, but no one should be purchasing these modems since they are not approved by any internet provider anyway. Listing every bad modem would make for an even longer list. Obviously this site is only concerned with approved modems.In mid-January it was discovered the firmware defined of many internet service provider ISP modems specifically combined modems and routers in the same device was vulnerable to remote takeover by attackers.

These vulnerabilities have been named Cable Haunt as an easier to remember reference. How widespread are the affected modems? At the least the following manufacturers are affected with up to million vulnerable modems mainly based in Europe but other regions e. North America are also affected. How serious are these vulnerabilities? While the vulnerabilities are serious in their impact, namely complete remote compromise of the device, how an attacker could exploit the vulnerabilities to achieve that outcome is not trivial.

As per the researchers:. It is important to point out that this is not the only attack vector that can be employed, vulnerable mail-clients, exploited IoT devices, public networks etc. Summary of the Technical Aspects of these vulnerabilities The vulnerability designated formally as CVE is a buffer overflow defined that if exploited could allow remote code execution defined: the ability for an attacker to remotely carry out any action of their choice on your device with kernel level defined privileges by using JavaScript defined within your web browser.

Linked to this; a DNS re-bind attack defined can be used to enable an attacker the ability to access the compromised spectrum analyser. This capability could be used to:. How can I protect my organisation or myself from these vulnerabilities? You are commenting using your WordPress.

You are commenting using your Google account. You are commenting using your Twitter account. You are commenting using your Facebook account. Notify me of new comments via email.

Wii u cfw only

Notify me of new posts via email. This site uses Akismet to reduce spam. Learn how your comment data is processed. Thank you.

Share this: Twitter Facebook. Like this: Like Loading Leave a Reply Cancel reply Enter your comment here Fill in your details below or click an icon to log in:. Email required Address never made public.

cable haunt arris

Name required.The administrator of your personal data will be Threatpost, Inc. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. The issue lies in underlying reference software used by multiple cable-modem manufacturers to create device firmware.

Multiple cable modems used by ISPs to provide broadband into homes have a critical vulnerability in their underlying reference architecture that would allow an attacker full remote control of the device. The footprint for the affected devices numbers in the hundreds of millions worldwide. Lyrebirds researchers said that million modems are potentially affected in Europe alone; they focused their research on European ISPs, many of which are already rolling out updates to fix the flaw.

As far as U. In a proof-of-concept PoC exploitresearchers were able to demonstrate a two-step attack: First, they compromised the spectrum analyzer component on board a modem, which resulted in local access. The spectrum analyzer uses a websocket for communication with the graphical frontend displayed in a browser, and a server must verify the relevant request parameters added by the browser. In the second step, they show that a DNS rebind attack can be used to gain remote access to the compromised spectrum analyzer.

Through malicious communication with the endpoint, a buffer overflow can be exploited to gain control of the modem. Among these values are saved registers, such as the program counter and return address.

Raspberry pi 4 slow

With a carefully crafted message the modem can be manipulated to execute arbitrary code specified by a remote attacker. They could also direct the modem to ignore remote system updates, which could complicate any patching process. This post was updated at a. ET on Jan, 14, to include statements from the top U. Concerned about mobile security? Join our experts to discuss the secrets of building a secure mobile strategy, one app at a time. Click here to register.

A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals. The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics.

Content strives to be of the highest quality, objective and non-commercial. Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

Newsletter Subscribe to our Threatpost Today newsletter Join thousands of people who receive the latest breaking cybersecurity news every day.

Shelly dimmer homekit

I agree to my personal data being stored and used to receive the newsletter. I agree to accept information and occasional commercial offers from Threatpost partners. This field is for validation purposes and should be left unchanged. Author: Tara Seals. January 13, am. Skip to: The Attack Comments.

Share this article:. UPDATED Multiple cable modems used by ISPs to provide broadband into homes have a critical vulnerability in their underlying reference architecture that would allow an attacker full remote control of the device.Sometimes even critically acclaimed products ship with annoying flaws, and such is the case with one of the most popular cable modems out there.

Thanks to an apparent lack of security on the Arris SURFboard SB modem, which until recently was also sold by Motorola, million units out in the wild are vulnerable to a simple attack that could cut off internet access until you call your cable company to restore it. To be really cruel, the attacker could instead click the Reset All Defaults option, which restores the modem back to factory settings and wipes out any specialized firmware installed by the internet service provider ISP.

After that, the device's owner would need to call the ISP's technical-support line to get a fix. Blogger David Longenecker broke this news last Friday April 1and while he contacted Arris before they published the news, the company apparently has yet to push out a fix.

We've contacted Arris for comment and will update this story when the company responds. The SB model is vulnerable because there is no username or password required to access its administrative controls from the local network.

Because that IP address is hard-coded into each of these million units, it's easy for pranksters or hackers to cause trouble once they hop onto the Wi-Fi networks at cafes, restaurants, hotels or their friends' houses. There's another way attackers could shut down the SB, and it doesn't require local network access. Instead, it involves tricking a local network user to click a malicious link.

Clicking that link would reset the router, taking the user offline for hours while he or she tries to get help from an ISP customer-support representative. We're not the only site to lavish praise on this modem, as it's also The WireCutter's top pick. This particular model is compatible with most of the major cable-company ISPs in the United States, and, as such, is bought by many customers who don't want to pay monthly modem-rental fees.

Cable-modem firmware updates usually must be pushed down by an ISP to send down an update, and we're not sure how many cable ISPs would be willing to do so for customer-owned devices. Upon further discussion, an Arris representative told us that despite the implication on the product page for the SB that million units of that specific model had been distributed, that figure instead represented the total number of all Arris product units sold over the past 15 years.

The number of modems affected by this particular issue was said to be less than 10 percent of the million figurewhich has been removed from the SB product page. Tom's Guide. Topics Routers.

More than 135 million ARRIS cable modems vulnerable to remote attacks

Wireless Carriers. See all comments 3.Researchers discovered as critical vulnerability dubbed Cable Haunt affects cable modems from different manufacturers across the globe. The vulnerability enables a remote attacker to gain complete control over the modem through its endpoint.

Successful exploitation allows attackers to intercept private messages, redirect traffic, or participate in botnets. Cable Haunt vulnerability was discovered by a team of Danish security researchers in Broadcom cable modems.

The vulnerability targets the middleware running on the chip used in the Broadcom cable modems, the middleware is the real-time operating system in cable modems that runs all the networking tasks.

cable haunt arris

It affects multiple vendors as the same software being used by various cable modem manufacturers to create their cable modem firmware. All the traffic goes through the cable modem middleware CMby gaining control over it attackers can manipulate any traffic going through the modem.

The attack is a two-step process: An attacker should gain access to the vulnerable endpoints through local networks such as browsers, this can be done by making the victim opening a malicious link in a browser. The exploit not only the browser, but it can also be executed in any place where running the code can reach IP on the local network.

Next, the attacker needs to hit the vulnerable endpoint with buffer overflow attack, by creating a crafted message a remote attacker can manipulate the modem to execute arbitrary code specified by a remote attacker. Once the code executed attackers can gain complete control over the modem and can perform various operation such as.

As the cable Haunt allows attackers to gain complete access to the modem it is hard to detect the infection as the attacker can hide the tracks. A tool has been released to check whether your modem is vulnerable, the tool can be downloaded from here. Here you find the detailed Technical report explaining the Cable Haunt vulnerability and the PoC of the attack.

Tuesday, July 14, GBHackers On Security. Leave a Reply Cancel reply. Cyber Security Courses. Computer Security. July 12, June 30, June 26, June 25, Load more. All Rights Reserved.Researchers today revealed Cable Haunta security vulnerability that affects modems from numerous manufacturers, and said it could affect hundreds of millions of modems in Europe alone.

Unfortunately, there's little consumers can do about the issue. According to the researchers, hackers could exploit Cable Haunt to "intercept private messages, redirect traffic, or [participate] in botnets. Cable Haunt is said to affect modems from at least four different manufacturers. Those companies appear to share some code with each other, which is why the vulnerability is present in various products.

That also makes it hard to guess how many modems are actually affected by the vulnerability. With almost no cable modem tested being secure without a firmware update, the number of modems initially vulnerable in Europe is estimated to be close to this number. However, it is tough to give a precise estimate of the reach of Cable Haunt. The reason for this is that the vulnerability originated in reference software, which has seemingly been copied by different cable modems manufacturers when creating their cable modem firmware.

This means that we have not been able to track the exact spread of the vulnerability and that it might present itself in slightly different ways for different manufacturers.

The researchers reportedly contacted numerous companies with information about Cable Haunt but had limited success. Some companies released firmware updates to defend their modems, and others didn't respond at all.

cable haunt arris

That's why the researchers urged consumers to ask their modem's manufacturer if they're vulnerable. Branding the vulnerability when many companies have yet to defend against it might seem ill-advised. The researchers explained on the Cable Haunt website that they felt compelled to gain as much attention as possible, however, because otherwise they wouldn't be able to effect meaningful change on the necessary scale.

Cable Haunt isn't limited to a single company's modems, and the software flaws that led to the vulnerability aren't managed by a single entity, either. Enlisting potentially affected consumers in efforts to force manufacturers to defend against the vulnerability might have been the only option available to Cable Haunt's discoverers. The researchers set up an FAQ explaining the vulnerability's discovery and disclosure. They also compiled lists of modems known to be affected by the vulnerability or to have been secured against it.

Now it's up to modem companies to fix the problem. ISPs haven't confirmed that these modems are vulnerable, but the researchers said their community has. Image credit: Shutterstock Researchers today revealed Cable Haunta security vulnerability that affects modems from numerous manufacturers, and said it could affect hundreds of millions of modems in Europe alone.

The researchers explained: "There are an estimated million cable modems in Europe alone. Topics Security.

See all comments 0. No comments yet Comment from the forums.The modems have a static IP address that is not consumer-changeable, and the web UI does not require authentication — no username or password is required to access the administration web interface.

An unauthenticated attacker can access the user interface of the cable modems. A local attacker can access the administration web interface Granted the modem only takes about 3 minutes to reboot, but for those three minutes, Internet access is offline. Additionally, activity sensitive to network outages long downloads or remote desktop sessions, for example may abort.

This means that a local attacker is able to restart the device, same result is possible to obtain if he uses a social engineering trick to convince the victim into clicking the following link:.

Longenecker discovered a second flaw, a cross site request forgery CSRFin the SURFboard modems that could be abused by attackers to launch the above command without using the device user interface. The application though does not verify that the command was issued from the administration UI. When an application does not verify that a command was issued from within the application, the possibility of CSRF exists.

We are in the process of working with our Service Provider customers to make this release available to subscribers. There is no risk of access to any user data, and we are unaware of any exploits. Necessary cookies are absolutely essential for the website to function properly.

This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Intel Puma 6 Modem List Chipset Defects

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website. Share this The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.

You might also like. Adobe fixes over a dozen flaws in Media Encoder, Download Manager. Sponsored Content.

Theory of love eng sub ep6

More Story. This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here. If you continue to browse this site without changing your cookie settings, you agree to this use.

Review ARRIS SURFboard SB8200 DOCSIS 3.1 Gigabit Cable Modem 2020 - Unboxing ARRIS SURFboard SB8200

Accept Read More.

thoughts on “Cable haunt arris

Leave a Reply

Your email address will not be published. Required fields are marked *