Critical vulnerability finally patches in ISP broadband equipment

walden, system, systems, walden systems, rita, firewall, port, forward, up, protect, intrusion, security, traffic, DMZ, block, protection, walden systems, walden, systems, network, fire, wall, hack, intrusion, cisco, router, network, switch, hub, IoT, traffic
Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.



     Broadband gear made by Advanced Digital Broadcast is being patched to fix three critical vulnerabilities. Patches for three critical vulnerabilities impacting broadband gateways made by Advanced Digital Broadcast ( ADB ) have been released to the public, nearly two years after the bugs were first found. Issues range from a privilege escalation flaw, an authorization bypass vulnerability and a local jailbreak bug. Switzerland-based ADB manufactures routers and modems for over two dozen broadband and communications firms globally. The company also counts North America's third-largest ISP Cox Communication and Charter Communications as customers. Neither Cox nor Charter returned Threatpost inquiries on if or how many of their customers may have been impacted by the vulnerabilities.

     A number of ADB consumer and small-business broadband equipment is impacted. According to researchers, flaws were first identified in equipment in June, 2016 by SEC Consult Vulnerability Lab. The rollout phase for patches began July, 2017. Public disclosure of the vulnerability was July 4, 2018. One of the three critical vulnerabilities ( CVE-2018-13108 ) is a local root jailbreak bug that can be exploited thanks to a network file sharing flaw. By exploiting the local root vulnerability on affected and unpatched devices an attacker is able to gain full access to the device with highest privileges, according to researchers.




     Researchers stated that the network file sharing feature on ADB broadband devices can be accessed via the networking protocol Samba, used for USB devices. Hackers can abuse the Samba daemon and access the USB port with highest access rights and exports the network shares with root user permissions. SEC Consult also identified a bug (CVE-2018-13109) in some versions of firmware used in ADB devices that allows an attacker to gain access to device settings forbidden to the user. It is also possible to manipulate settings to enable the telnet server for remote access if it had been previously disabled by the ISP. As a prerequisite for the attack, a hacker would need a user account for login such as the default one provided by the ISP or printed on the device.

     ADB broadband gateways are also vulnerable to a privilege escalation flaw via Linux group manipulation that could allow an attacker to gain access to the command line interface, even if CLI was previously disabled by the ISP. Depending on the feature set of the CLI which is ISP dependent, it is possible to gain access to the whole configuration and manipulate settings in the web GUI and escalate privileges to highest access rights. The hack makes it possible for a hacker to manipulate the group name setting of storage users on ADB devices and overwrite the local Linux groups called "remoteaccess" or "localaccess" in /etc/group, which defines access to Telnet or SSH.



     According to SEC Consult, ADB has released updated firmware that address each of the vulnerabilities. All ADB Broadband Gateways / Routers based on Epicentro platform are affected. Model numbers for the vulnerable hardware include ADB P.RG AV4202N, DV2210, VV2220, VV5522 and more, according to each of the security bulletins. Based on information available on the company's website, affected products may also include EVDSL/G.Fast/Fiber Gateway Dual-band Wireless AC1600 ST6840 and GPON Gateway Dual-band Wireless AC1600 VG4820, each running the Epicentro platform.