Verizon, a leading American telecommunications company, is building out its 5G network across the United States. But the company is now sending out an update to millions of its users after security researchers found three vulnerabilities in Fios routers. Fios is a fiber-optic internet service provided by Verizon and used by millions in the country.
The researchers said that they disclosed the issues to Verizon in December. Verizon issued the fix on March 13. “We were recently made aware of three vulnerabilities related to login and password information on the Broadband Home Router Fios-G1100,” a Verizon spokesman said in a statement. “As soon as we were made aware of these vulnerabilities, we took immediate action to remediate them and are issuing patches.”
Of the three flaws, the worst is an authenticated remote command injection bug in the gateway’s API backend. The vulnerability (CVE-2019-3914) has a CVSS severity score of 8.5, making it high-severity. Command injection is possible when an application passes unsafe, user-supplied data through to a system command. Asked about affected customers, a Verizon spokesperson said that they do not need to do anything; if their Fios firmware is running version 02.02.00.13, they are protected against all of the vulnerabilities.
A router is now the junction of all the online services a person uses in daily life. A hacker who exploits the router can abuse that position, with repercussions such as stolen login credentials. “This type of attack is feasible for an attacker with an intermediate level of skill,” Chris Lyne, a senior research engineer at Tenable, told Threatpost. “The remote command injection does require the attacker to either know the administrative password or have captured and replayed a previous login request. If remote administration is enabled on the router, the attack can be carried out from anywhere with an internet connection.”
The same scenario was observed in Russia, where hackers infected more than 500,000 routers in 54 countries with malware that could steal login credentials and cut off Internet service. Chris Lyne was attempting command injection against Verizon’s Fios gateway, to see what further attacks it would allow, when he found that the Quantum Gateway has a second (CVE-2019-3915, with a CVSS score of 6.9) and a third (CVE-2019-3916, with a CVSS score of 4.3) vulnerability. He says that these vulnerabilities arise because the web administrative interface does not enforce the use of HTTPS.
Thus, a local attacker can reach the admin interface and intercept login requests using a packet sniffer. “These requests can be replayed to give the attacker admin access to the web interface,” said Lyne. “From here, the attacker could exploit CVE-2019-3914,” he added. Verizon said that as of now it has not seen any cases where routers were abused to exploit a victim, and that a patch will be rolling out to people “in the next several days.”