New Vulnerabilities in Verizon Routers Expose Millions of Consumers, According to Tenable Research
April 9, 2019 · Columbia, MD
Threat actors could gain complete control of home routers and access to network traffic without needing physical access to the device
Tenable®, Inc., the Cyber Exposure company, today announced that its research team has discovered multiple vulnerabilities in Verizon Fios Quantum Gateway routers. If exploited, the vulnerabilities would give an attacker complete control over the router and visibility into everything connected to it. Millions of these devices are currently in use in U.S. homes.
The rise of the smart home has turned the humble router into a top target for cybercriminals. These latest vulnerabilities discovered by Tenable Research (CVE-2019-3914, CVE-2019-3915 and CVE-2019-3916) enable a number of attack scenarios that extend to smart devices, such as home security systems, that are connected to the router and can be compromised remotely. An attacker could tamper with the security settings of the device, change firewall rules or remove parental controls. They could sniff network traffic to further compromise a victim’s online accounts, steal bank details and swipe passwords.
“Routers are the central hub of every smart home today. They keep us connected to the corners of the internet, secure our homes and, even, remotely unlock doors,” said Renaud Deraison, co-founder and chief technology officer, Tenable. “However, they also act as a virtual entry point into the very heart of the modern home, controlling not just what goes out, but also who comes in.”
Verizon has advised that firmware version 02.02.00.13 will address these vulnerabilities and that affected devices will be updated remotely. Users are urged to confirm their device is updated to this version and to contact Verizon with any questions.
For more technical information on the vulnerabilities, read the Tenable Research blog post on Medium.
Sobre a Tenable
Tenable®, Inc. é a empresa de Cyber Exposure.Mais de 27 mil organizações no mundo todo contam com a Tenable para entender e reduzir o risco cibernético.Como criadora do Nessus®, a Tenable ampliou sua experiência em vulnerabilidades para oferecer a primeira plataforma do mundo para verificar e proteger qualquer ativo digital em qualquer plataforma de computação.Entre os clientes da Tenable, estão mais de 50% das empresas Fortune 500, mais de 25% das empresas Global 2.000 e agências governamentais de grande porte.Saiba mais em pt-br.tenable.com.
Informações de contato:
Cayla Baker
[email protected]
Mantenha-se atualizado
Inscreva-se em nossos alertas de e-mail para receber novos comunicados à imprensa.
Inscreva-se para receber atualizações de comunicado à imprensa