Security News > 2020 > January > Hundreds of millions of Broadcom-based cable modems at risk of remote hijacking, eggheads fear
A vulnerability in Broadcom's cable modem firmware has left as many as 200 million home broadband gateways in Europe, and potentially more worldwide, at risk of remote hijackings.
The end result, the team says, is that crooks can remotely take over vulnerable Broadcom-based cable modems without netizens or ISPs realizing; the victim simply has to surf to a dodgy website, or similar.
The team said the vulnerability affects cable modems using chipset designer Broadcom's software running on the open-source Embedded Configurable Operating System, and fear that in Europe alone as many as 200 million modems may be vulnerable, though they are not certain.
"The reason for this, is that the vulnerability originated in reference software, which have seemingly been copied by different cable modems manufacturers, when creating their cable modem firmware," the crew explained.
ISPs TDC and Stofa in Denmark, Get AS and Telia in Norway, Com Hem / Tele2 in Sweden, and NetCologne / NetAachen in Germany are said to have pushed or are in the process of pushing necessary security fixes to their cable modems, or their equipment is not affected because it doesn't use Broadcom's tech.