Vulnerabilities Revealed in AT&T Modems

Vulnerabilities Revealed in AT&T Modems

Gaping security holes have been discovered in most AT&T U-verse cable modems that would allow remote cyber criminals to access a household’s internet connection as well as any devices connected to it.

Gaping security holes have been discovered in most AT&T U-verse cable modems that would allow remote cyber criminals to access a household’s internet connection as well as any devices connected to it, Infosec consulting firm Nomotion revealed in a new blog post.

According to the Register, the vulnerabilities cause potential harm to nearly 140,000 broadband modems.

“For those familiar with the technical history of Arris and their careless lingering of hardcoded accounts on their products, this report will sadly come as no surprise,” the Nomotion post said. “For everyone else, prepare to be horrified.”

Researchers said it is uncertain whether the security flaws were introduced by Arris, the company responsible for building the modems, or if they were added after delivery to AT&T – since their engineers have the ability to add and customize code running on the devices before putting them in customers’ hands.

The findings claim that the Arris modems carry hard-coded credentials which allowed a firmware update to turn on its Secure Shell (SSH) by default. This would allow a remote hacker to access the modem’s cshell service which includes capabilities such as “viewing/changing the WiFi SSID/password, modifying the network setup and re-flashing the firmware from a file served by any tftp server on the Internet.”

The specific modems which were found to contain the bugs are the Arris NVG589 and NVG599, which Nomotion said are provided as standard customer premises equipment for AT&T U-verse customers.

Technicalities of each of the five vulnerabilities are detailed in the post. It said the most prevalent and potentially dangerous vulnerability, based solely on the high number of affected devices, is a firewall bypass. Essentially, the only thing protecting an AT&T U-verse internal network device from the internet is whether or not a hacker knows or is able to “brute-force” the MAC address of any of its devices.

Nomotion hopes “that the problems will be swiftly patched and that going forward, peer reviews and/or vulnerability testing on new releases of production firmware will be implemented prior to pushing it to the gateways.” In the meantime, the post includes detailed instructions for various self-mitigation techniques that AT&T customers may use as workarounds for the vulnerabilities.

An Arris representative told Threatpost the company is verifying the details of the firm's report.

“Until this is complete, we cannot comment on its details,” Arris said in a statement to Threatpost. “We can confirm Arris is conducting a full investigation in parallel and will quickly take any required actions to protect the subscribers who use our devices.”

Featured

  • Just as Expected

    GSX produced a wonderful tradeshow earlier this week. Monday was surprisingly strong in the morning, and the afternoon wasn’t bad at all. That’s Monday’s results and asking attendees to travel on Sunday. Just a quick hint, no one wants to give up their weekend to travel and set up an exhibit booth. I’m just saying. Read Now

    • Industry Events
    • GSX
  • NOLA: The Crescent City

    Twenty years later we finds ourselves in New Orleans. Twenty years ago the aftermath of Hurricane Katrina forced exhibitors and attendees to look elsewhere for tradeshow floor space. Read Now

    • Industry Events
    • GSX
  • Nothing Artificial About this Intelligence

    I have been looking forward to this year’s GSX show in New Orleans, the Cresent City, or if you prefer The Big Easy. It seems like quite a while since we’ve been here. Twenty years ago, ASIS, as it was known then was literally washed out of the city by someone known as Katrina. It is a good thing to come back to NOLA. Read Now

  • From Monitors to Mission Control

    Security Operations Centers (SOC) were once defined by rows of static monitors, each displaying a single feed with operators quietly watching for issues. That model has become obsolete. Incidents evolve too quickly, data comes from multiple locations, and decisions must be made in seconds—not minutes. Read Now

  • New Gas Monkey Garage Venue Uses AI-Enhanced Video Technology

    Gas Monkey Garage, the automotive custom shop and entertainment brand founded by Richard Rawlings of Fast N’ Loud TV fame, has opened a vibrant new restaurant and bar in South Dakota, equipped with advanced, AI-enhanced video tech from IDIS Americas. Read Now

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.