June 4, 2024 at 10:14AM
An API authorization-bypass flaw in Cox Communications’ infrastructure exposed millions of business customer devices to attacks. Independent bug researcher Sam Curry identified and reported the issue, leading to a prompt fix by the provider. Potential risks included unauthorized access to customer information, Wi-Fi passwords, and connected devices. The vulnerability highlighted trust issues between ISPs and customer devices.
Key Takeaways:
1. An API authorization-bypass flaw in the infrastructure of Cox Communications, a leading US broadband provider, exposed millions of business customer devices to attacks.
2. Independent bug researcher Sam Curry identified the flaw and reported it to Cox. He discovered the vulnerability in 700 exposed APIs on Cox’s back-end infrastructure, allowing attackers to gain administrative functionality and access business customers’ PII, Wi-Fi passwords, and connected devices.
3. The vulnerability gave external attackers permission to execute commands, modify modem settings, access any business customer’s PII, and gain essentially the same permissions as an ISP support team.
4. Curry’s research aims to highlight vulnerabilities in the layer of trust between the ISP and customer devices, emphasizing the need for prompt responses and mitigation by service providers.
Please let me know if you need any further details or if there are specific actions required based on these takeaways.