More like this


Cisco patches a bunch of cable modem vulns

HTTPS content inspection box also needs a fix

Cisco's joined the “residential broadband gateways with SOHOpeless security” club, announcing not one but three vulnerable systems.

At least, in this case, there's some chance that systems will get patched, since the products are predominantly sold through service provider partners.

The vulns are as follows:

  • CVE-2016-1325 – two wireless gateways (the DPC3941 and DPC3939B) can be attacked through the Web-based administration interface via crafted HTTP requests.
  • CVE-2016-1327 – the DPC2203 and EPC2203 cable modems have an HTTP input validation vulnerability that exposes them to remote code execution.

Another gateway, the DPQ3925, has an HTTP handling error that exposes it to denial-of-service attacks.

Credit where due, though: The Register notes that the DPC2203 hasn't shipped since 2013.

The DPC3939 and 3941 are far more recent DOCSIS 3.0-capable systems.

Sysadmins will also want to get busy if they're using the Cisco ASA Content Security and Control Security Services Module, because it's got a denial-of-service vulnerability.

The system doesn't handle HTTPS packets properly, and if an attacker soaks the target device with HTTPS packets it can be crashed.

The bug is specific to Cisco ASA 5500 CSC-SSM devices cap-able of HTTPS inspection, with software prior to 6.6.1164.0 (or without hotfix 1157). ®

Sponsored: Fast data protection ROI?