Cox fixed an API auth bypass exposing millions of modems to attacks

June 3, 2024 at 05:12PM

Cox Communications fixed an authorization bypass vulnerability discovered by bug bounty hunter Sam Curry, preventing remote attackers from resetting modem settings and stealing sensitive customer information. The largest private broadband company in the U.S., Cox provides services to nearly seven million homes and businesses across over 30 states. The company took down exposed API calls and patched the vulnerability within a day of being reported.

Key takeaways from the report:

1. Cox Communications fixed an authorization bypass vulnerability that could have allowed remote attackers to abuse exposed backend APIs to reset modem settings and steal customers’ sensitive personal information.

2. Bug bounty hunter Sam Curry discovered the security flaw and found that successful exploitation gave threat actors permissions similar to those of ISP tech support.

3. Attackers could exploit this vulnerability to perform a range of actions including accessing customers’ personally identifiable information (PII) such as MAC addresses, email, phone numbers, and addresses.

4. The attackers could collect Wi-Fi passwords and other information by querying the hardware MAC address stolen in the previous attack stage and could execute unauthorized commands, modify device settings, and gain control over victims’ accounts.

5. Cox Communications took down the exposed API calls within six hours of Curry’s report and patched the vulnerability the next day.

6. Cox investigated whether the attack vector had been exploited before being reported but found no evidence of previous abuse attempts.
