Endpoint/Device Security, Vulnerability Management

Old Arris routers impacted by new RCE bug

SecurityWeek reports that numerous Arris routers including the G2482A, SBG10, and TG2492 models running firmware version 9.1.103 which have reached end-of-life are being impacted by a remote code execution flaw, tracked as CVE-2022-45701. Shell script command injection has been conducted by security researcher Yerodin Richards using the flaw, which already has a proof-of-concept exploit code. Threat actors could also leverage the vulnerability, which impacts Arris routers mostly found in the Caribbean and Latin America, to facilitate brute-force attacks, as well as attacks targeted at traffic interception. With patches unlikely for the unsupported devices, users have been recommended to use strong passwords to protect their systems. The lack of support has also made router firmware modifications challenging for users, according to Richards. Organizations "could run the exploit to gain a root shell and try to patch it from there but this is by no means a simple solution," Richards added.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.