Arris handling modem DNS issue with firmware update

Arris said it's addressing a vulnerability in its SurfBoard 6141 DOCSIS 3.0 modems with a firmware update.

"We are in the process of working with our service provider customers to make this release available to subscribers," company spokeswoman Jeanne Russo told FierceCable. "We take product performance very seriously. We work actively with security organizations and our service provider customers to quickly resolve any potential vulnerabilities to protect the subscribers who use our devices."

A report in the IT forum seclists.org had identified the Arris cable modem as being vulnerable to denial of service attacks. 

"It is also possible to factory reset the modem with a simple unauthenticated URL," the report said. "This causes a longer outage while the modem renegotiates with the ISP — which can in certain cases even require calling the ISP to initiate the reactivation."

Arris disputes the report that more than 135 million SB6141 units are impacted.

In November, a Brazilian security analyst documented multiple backdoors allowing remote access to Arris cable modems.

"While researching on the subject, I found a previously undisclosed backdoor on Arris cable modems, affecting many of their devices including TG862A, TG862G, DG860A," said Bernardo Rodriques on his personal blog. "As of this writing, Shodan [search engine] searches indicate that the backdoor affects over 600,000 externally accessible hosts and the vendor did not state whether it's going to fix it yet."

Arris is a leading manufacturer of cable modems, selling its devices to Comcast (NASDAQ: CMCSA), Time Warner Cable (NYSE: TWC), Charter Communications (NASDAQ: CHTR) and Cox Communications. 

For more:
- read this seclists.org report
- read this Digital Trends story

Related articles:
Arris says security threat posed by reported cable modem backdoor is 'low'
Some Arris cable modems reportedly can be hacked through back door

Read more on