Title : Verizon patches bug for millions of routers that gives hackers complete control over the device
link : Verizon patches bug for millions of routers that gives hackers complete control over the device
Verizon patches bug for millions of routers that gives hackers complete control over the device
Verizon issues patch for bug affecting millions of routers that gives hackers complete control over the device
- The vulnerability allowed savvy hackers to take control of a top Verizon router
- Verizon's Fios Quantum Gateway router is used by millions of its customers
- The telco giant has since patched the flaw in the latest firmware version
Security researchers have discovered three vulnerabilities in a popular Verizon Fios router model that could have allowed hackers to take full control of the device.
The flaws, discovered by researchers at cybersecurity firm Tenable, affect Verizon's Fios Quantum Gateway router, which is used by millions of customers of the telecommunications giant.
Verizon patched the bug in its latest software update after researchers tipped them off to the flaws in December.
Scroll down for video
Security researchers have discovered three vulnerabilities in a popular Verizon Fios router model that could have allowed hackers to take full control of the device
While the attacks require a significant amount of effort to carry out, anyone savvy enough can gain root access to the device, giving them full control over it, as well as the ability to view every device connected to the router.
'This type of attack is feasible for an attacker with an intermediate level of skill,' Tenable Senior Researcher Chris Lyne told Threatpost.
'The remote command injection does require the attacker to either know the administrative password or have captured and replayed a previous login request.
'If remote administration is enabled on the router, the attack can be carried out from anywhere with an internet connection,' he added.
The attacker would also need to be in range of the device, but if remote administration of the device is enabled, it could be executed remotely, Lyne said.
Lyne discovered the bugs by looking at the Access Control rules in the Firewall settings of the router's API for the web interface.
After gaining root access to the device, the attacker would be able to inject commands into the operating system.
The flaws, discovered by researchers at cybersecurity firm Tenable, affect Verizon's Fios Quantum Gateway router, which is used by millions of customers of the telco giant
Researchers discovered two additional vulnerabilities, including the ability to capture a login request.
These vulnerabilities enable a range of dubious activities to be carried out by attackers, including the ability to compromise smart home devices remotely.
'An attacker could tamper with the security settings of the device, change firewall rules or remove parental controls,' Tenable said in a statement.
'They could sniff network traffic to further compromise a victim’s online accounts, steal bank details and swipe passwords.'
Luckily, Verizon resolved the vulnerabilities in firmware version 02.02.00.13.
Most of the affected devices have been updated to this latest version, but Verizon cautioned that a 'small fraction of devices' remain vulnerable.
Thus Article Verizon patches bug for millions of routers that gives hackers complete control over the device
You are now reading the article Verizon patches bug for millions of routers that gives hackers complete control over the device with the link address https://coneknews.blogspot.com/2019/04/verizon-patches-bug-for-millions-of.html
Related Posts :
Asian stocks lower as U.S. tax passage fails to impress- Brady Leman proud to ski for more than himself
- Canada preparing next move in Bombardier case after U.S. confirms hefty duties
- Competitors and critics agree Barry Sherman will be tough to replace at Apotex
- IOC reveals guidelines, logo for Russian Olympic athletes
0 Response to "Verizon patches bug for millions of routers that gives hackers complete control over the device"
Post a Comment