Vulnerabilities Revealed in AT&T Modems

Vulnerabilities Revealed in AT&T Modems

Gaping security holes have been discovered in most AT&T U-verse cable modems that would allow remote cyber criminals to access a household’s internet connection as well as any devices connected to it.

Gaping security holes have been discovered in most AT&T U-verse cable modems that would allow remote cyber criminals to access a household’s internet connection as well as any devices connected to it, Infosec consulting firm Nomotion revealed in a new blog post.

According to the Register, the vulnerabilities cause potential harm to nearly 140,000 broadband modems.

“For those familiar with the technical history of Arris and their careless lingering of hardcoded accounts on their products, this report will sadly come as no surprise,” the Nomotion post said. “For everyone else, prepare to be horrified.”

Researchers said it is uncertain whether the security flaws were introduced by Arris, the company responsible for building the modems, or if they were added after delivery to AT&T – since their engineers have the ability to add and customize code running on the devices before putting them in customers’ hands.

The findings claim that the Arris modems carry hard-coded credentials which allowed a firmware update to turn on its Secure Shell (SSH) by default. This would allow a remote hacker to access the modem’s cshell service which includes capabilities such as “viewing/changing the WiFi SSID/password, modifying the network setup and re-flashing the firmware from a file served by any tftp server on the Internet.”

The specific modems which were found to contain the bugs are the Arris NVG589 and NVG599, which Nomotion said are provided as standard customer premises equipment for AT&T U-verse customers.

Technicalities of each of the five vulnerabilities are detailed in the post. It said the most prevalent and potentially dangerous vulnerability, based solely on the high number of affected devices, is a firewall bypass. Essentially, the only thing protecting an AT&T U-verse internal network device from the internet is whether or not a hacker knows or is able to “brute-force” the MAC address of any of its devices.

Nomotion hopes “that the problems will be swiftly patched and that going forward, peer reviews and/or vulnerability testing on new releases of production firmware will be implemented prior to pushing it to the gateways.” In the meantime, the post includes detailed instructions for various self-mitigation techniques that AT&T customers may use as workarounds for the vulnerabilities.

An Arris representative told Threatpost the company is verifying the details of the firm's report.

“Until this is complete, we cannot comment on its details,” Arris said in a statement to Threatpost. “We can confirm Arris is conducting a full investigation in parallel and will quickly take any required actions to protect the subscribers who use our devices.”

Featured

  • Integration Imagination: The Future of Connected Operations

    Security teams that collaborate cross-functionally and apply imagination and creativity to envision and design their ideal integrated ecosystem will have the biggest upside to corporate security and operational benefits. Read Now

  • Smarter Access Starts with Flexibility

    Today’s workplaces are undergoing a rapid evolution, driven by hybrid work models, emerging smart technologies, and flexible work schedules. To keep pace with growing workplace demands, buildings are becoming more dynamic – capable of adapting to how people move, work, and interact in real-time. Read Now

  • Trends Keeping an Eye on Business Decisions

    Today, AI continues to transform the way data is used to make important business decisions. AI and the cloud together are redefining how video surveillance systems are being used to simulate human intelligence by combining data analysis, prediction, and process automation with minimal human intervention. Many organizations are upgrading their surveillance systems to reap the benefits of technologies like AI and cloud applications. Read Now

  • The Future is Happening Outside the Cloud

    For years, the cloud has captivated the physical security industry. And for good reason. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. But as the number of cameras grows and resolutions push from HD to 4K and beyond, the cloud’s limits are becoming unavoidable. Bandwidth bottlenecks. Latency lags. Rising storage costs. These are not abstract concerns. Read Now

  • Right-Wing Activist Charlie Kirk Dies After Utah Valley University Shooting

    Charlie Kirk, a popular conservative activist and founder of Turning Point USA, died Wednesday after being shot during an on-campus event at Utah Valley University in Orem, Utah Read Now

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.