June 4, 2024 at 06:24AM
Cox Communications recently patched several vulnerabilities in their modems, preventing potential remote takeovers by hackers. Discovered in March by expert Sam Curry, the flaws allowed attackers to bypass authorization, gaining control of millions of modems and potentially accessing customer data. Cox promptly addressed the issue after being notified.
Key Meeting Takeaways:
1. Cox Communications recently addressed a critical security issue involving vulnerabilities in millions of modems exploited by researcher Sam Curry.
2. Curry uncovered and responsibly reported the vulnerabilities to Cox in early March 2024, prompting the telecoms firm to take swift action.
3. The vulnerabilities, allowing remote control and access to modems, were centered around an exposed API that could be exploited to carry out unauthorized commands and settings modifications.
4. The potential impact of the vulnerabilities included unauthorized access to customer data, such as PII and Wi-Fi passwords, and the ability to execute commands and update device settings.
5. Cox responded promptly by addressing the vulnerabilities and conducting a comprehensive security review following Curry’s report.
6. There is no evidence of the vulnerabilities being exploited maliciously by threat actors in the wild.