NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Firmware upgrade for Cable Haunt vulnerability on CM1000?
With the recent announcment of the Cable Haunt vulnerability (see https://cablehaunt.com/) and the inclusion of the CM1000 modem on the list of affected devices, is there an updated firmware availabl...
Broadcom actually released the patch in may of 2019.
Bottom of article in the “updates” section:
https://www.theregister.co.uk/2020/01/10/broadcom_cable_haunt_vulnerability/
Bottom of article in the “updates” section:
https://www.theregister.co.uk/2020/01/10/broadcom_cable_haunt_vulnerability/
Also states:
"We also asked the researchers whether the chip slinger's fix in May last year fully addressed the discovered vulnerability. They told us:
We have heard from Broadcom that they updated their reference software around that time, and we have no reason to believe otherwise. However we do not have access to this code or the previous version. We have only been able to see the binary firmware which the manufacturers deploy, so we can not confirm it.
Due to the nature of reference software, is not necessarily easily forwarded to the manufacturers, and we have no way of knowing for sure, if a manufacturer updated with the reference software or of their own accord.
We have not been able to get any worthwhile estimates of the units actually affected worldwide, however we are getting hundreds of emails from users reporting their modem vulnerable, and are constantly updating our website with this information."