Major Security Hole in Time Warner Routers

October 25, 2009 by ADMIN

By Cara Garretson, Veteran Business and Technology Journalist

Customers of Time Warner Cable’s Internet service using the company-supplied cable modem/wireless router box could easily have their home networks infiltrated and taken over by hackers, a blogger reports.

The security hole was found by David Chen, co-founder of software company pip.io, who was helping a friend change the password protecting his wireless network to something easier to remember.

According to Chen’s blog post on Tuesday, Chen was attempting to change the default WEP (Wired Equivalent Privacy) encryption setting on his friend’s SMC8014WG-SI cable modem/router, supplied by Time Warner, to the more secure WPA2 (Wi-Fi Protected Access 2) setting.

For customers who don’t supply their own device, the SMC cable modem/router is installed by Time Warner Cable with a default configuration that only allows users to add URLs to block lists using a generic user account on a Web site.

When Chen logged on to the site with the user account, he discovered that access to the admin features of the cable modem/router was disabled by JavaScript.

Once he disabled JavaScript in the browser, he was granted access to a variety of menu options, he writes.

Among those options is one called “Back up configuration file,” which when clicked on saves a copy of the router’s configuration settings to the desktop, including the admin’s login and password.

Not only did Chen find the login credentials written in plain text, but he also discovered that the Web admin page for the cable modem/router could be accessed from anywhere on the Internet, which means these devices could be controlled from anywhere on the Web.
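The three weaknesses described above (admin menus hidden only by page script, credentials stored in plain text in the configuration backup, and an admin page reachable from the Internet) all come down to checks the device itself did not make. The sketch below is an added illustration, not code from Chen's post or from SMC's firmware; the route names, roles, session shape and config keys are hypothetical, and the sample config is constructed.

```javascript
// Added example: hypothetical routes, roles and config keys (not SMC firmware).
const ADMIN_ROUTES = new Set(["/admin/backup-config", "/admin/wireless"]);
const SECRET_KEYS = new Set(["admin_password", "wifi_key"]);

// Constructed sample configuration, standing in for the router's settings.
const SAMPLE_CONFIG = {
  ssid: "home-network",
  wifi_mode: "WEP",
  admin_user: "admin",
  admin_password: "example-password",
};

// Weak pattern: the device serves every page to any logged-in account and
// leaves it to script in the page to hide the admin menus. With scripting
// turned off in the browser, nothing stands in the way.
function authorizeClientSideOnly(session, path) {
  return session !== null;
}

// Hardened pattern: the decision is made on the device for every request.
function authorize(session, path, fromWan) {
  if (!session) return { status: 401, reason: "not logged in" };
  if (ADMIN_ROUTES.has(path)) {
    // Management pages are refused on the Internet-facing interface.
    if (fromWan) return { status: 403, reason: "admin blocked on WAN" };
    // The account's role is checked server-side, whatever the page shows.
    if (session.role !== "admin") return { status: 403, reason: "admin role required" };
  }
  return { status: 200, reason: "ok" };
}

// Configuration backups leave out secrets instead of writing them as text.
function exportConfig(config) {
  const out = {};
  for (const [key, value] of Object.entries(config)) {
    if (!SECRET_KEYS.has(key)) out[key] = value;
  }
  return out;
}

const genericUser = { user: "user", role: "user" };
console.log(authorizeClientSideOnly(genericUser, "/admin/backup-config"));
console.log(authorize(genericUser, "/admin/backup-config", false));
console.log(exportConfig(SAMPLE_CONFIG));
```
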

He then ran a port scan of Time Warner Cable IP addresses currently on the Internet and “easily found dozens of these routers, open to attack.”

With this kind of access, an intruder could eavesdrop on sensitive data sent across the Internet, manipulate the DNS settings to redirect traffic from trusted sites to malicious ones, and possibly even infect other routers automatically.

Chen says he informed Time Warner’s security department of the hole; they responded that they were aware of the problem but couldn’t do anything about it.

Since then, Time Warner Cable has pushed out a temporary patch and is working on a permanent fix, according to Jeff Simmermon, director of digital communications with the company.

“Our customer’s (sic) security is of the utmost importance to us, and we are constantly working to identify and repair holes and flaws as we discover them. This is not the sort of thing where we’ll roll the fix out, go ‘okay, done, phew,’ and go back to our comfy armchairs,” Simmermon wrote in a comment to Chen’s post.

Time Warner Cable is the second-largest cable operator in the U.S., serving 8.7 million high-speed data residential customers in 28 states.

*   *   *


Cara Garretson is a veteran business and technology journalist with over 15 years’ experience writing and editing for print and online publications, including a position as Senior Editor for Buyer’s Guides at Network World and as a Senior Writer at Red Herring. Cara contributes regularly to CIOZone.com.

CIOZone.com is the first of its kind online meeting place for CIOs. It is built upon the foundation of social networking and combines user generated content and expert editorial together around an open source platform.

The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com


Comments

One Comment on Major Security Hole in Time Warner Routers

  1. Adam Wood on Mon, 26th Oct 2009 1:21 pm

    SMC Networks was recently made aware of a potential vulnerability in the firmware deployed in certain versions of its cable modems deployed on the Time Warner Cable network in North America. In specific and limited instances, the firmware could potentially be exploited by hackers intending to compromise the security of a user’s Internet connection and network.
     
    SMC Networks has moved quickly to develop new firmware that fixes the potential vulnerability and eliminates the possibility of a customer illegally accessing other users’ computers or Time Warner Cable’s network.  The new firmware has already been delivered to Time Warner Cable who are pushing the update to their end users’ equipment.  This update is being deployed by Time Warner Cable and will require that no action be taken by the end users.
     
    SMC Networks and Time Warner Cable take their customers’ network security concerns very seriously and apologize for any inconvenience that has been caused by this vulnerability. It is of the utmost importance to SMC to deliver to markets products that are secure, safe and reliable.
