Cable Haunt is a vulnerability that can be found in Broadcom based cable modems— hundreds of millions of which are in use today around the world. By exploiting this vulnerability, an attacker can remotely hijack the cable modem and its network. Doing so puts subscribers at risk for a number of malicious actions, including:
Traffic redirection to known bad sites
Exposed and stolen Personally Identifiable Information (PII)
Long-term exposure to other vulnerabilities and threats
On the podcast, Kasper shares how their team came about first discovering Cable Haunt:
"It kind of started a bit organically, like a bread crumb trail we followed through the worlds of cable modems. It pretty much started with one of the other co-founders— his internet went out, as you know, as it sometimes does, and he got annoyed. As a technical person, he wanted to see if he could do anything on his end... He started poking around and found stuff where he was like 'I'm not supposed to be able to see this sort of thing.'"
Kasper and Minim Founder/CSO David Aronoff continue the conversation to discuss the ins and outs of the vulnerability: how the attack is carried out, the staggering number of leading cable modem brands that are affected, available mitigation strategies, the future for Lyrebirds, and more.