Corporate Site
Overview
How it works
For Home
Step-by-Step Guides
Get Tech Support
|
1-808-210-2095

Cable Haunt - Remote Access Exploit Affects Hundreds of Millions of Cable Modems

Authored by: Support.com Tech Pro Team

1. Cable Haunt Information

A new attack has been made public. Known as "Cable Haunt", rather than targeting your computer or smartphone, this targets your cable modem — the box gives your whole home access to the Internet.

This guide will help you understand the problem, and more importantly, what you can do to help avoid being affected.

Cable Haunt

Fast Facts

Affected Modems

This is not an all-inclusive list — most modems are vulnerable. For a more complete list, visit the Cable Haunt website.

Confirmed by ISPs or security researchers:

  • Sagemcom F@st 3890
  • Sagemcom F@st 3686
  • Technicolor TC7230
  • Netgear C6250EMR
  • Netgear CG3700EMR
  • COMPAL 7284E
  • COMPAL 7486E
  • Netgear CG3700EMR

Confirmed by members of the community:

  • Arris Surfboard CM8200A
  • Arris Surfboard SB6183
  • Arris Surfboard SB8200
  • Netgear CM500
  • Netgear CM600
  • Netgear CM1000
  • Netgear CM1150
  • Technicolor TC4400
  • Technicolor TC7210
  • Technicolor TC7650
  • Zoom 5370
  • Cisco / Technicolor DPC3216

Cable Haunt - Further Information
For more information about the exploit, the researchers have setup the following page.

2. What is a Cable Modem?

A Cable Modem

3. What is Cable Haunt?

Simplified diagram of a buffer overflow.

4. Can Cable Haunt be detected?

Exploit Research

5. What can I do to help guard against Cable Haunt?

At the time of writing, no known public exploits have been made, only in the lab and in example code published recently.On the Modem Itself

  • If you are using a separate modem and router, rather than a Wireless Gateway (modem and router all-in-one), you have some increased security against this. Because your network (your home computer, smartphone, and other devices) is separate from the modem itself by your router, there's less risk while manufacturers and ISPs work to patch this exploit.
  • If you have a Wireless Gateway, unfortunately, the primary attacks that could be performed are on the same device, and you simply need to wait till this is patched.

On Your Computer

  • If you are using security software that monitors websites such as an anti-virus suite, make sure it's up-to-date so you won't be infected that way in the first place.
  • Contact your ISP. Right now, the researchers who originally published this research have been quietly working behind the scenes for over a year concerning this, and have unfortunately gotten very little traction, which is why they have made the exploit public. They hope that, by putting this out publicly, before it is seen in-the-wild, companies will work to fix the problem before it becomes a problem you have to worry about.

This isn't a fault or bug with your computer, rather this is a bug in the modem itself that is vulnerable to attack.

This announcement has been made rather publicly, so most ISPs have started serious work to patch modems in use. Because, as a user, you are affected by this but unable to do much to solve it, it is also your ISPs responsibility to keep you informed on their patching efforts. Details your ISP may need are provided on the Cable Haunt page.

Further Information
For more information about the exploit, the researchers have setup the following page.

Privacy Matters

Support.com is committed to your privacy
We do not share or sell your data to third parties. We do use cookies and other third-party technologies to improve our site and services. The California Consumer Privacy Act (CCPA) gives you the ability to opt out of the use of cookies, third-party technologies and/or the future sale of your data. Do not sell my personal information.

Support.com is committed to your privacy
Read our Privacy Policy for a clear explanation of how we collect, use, disclose and store your information

©2024 RealDefense LLC. Support.com is a trademark owned by RealDefense LLC.
PRIVACY
TERMS OF USE