Critical Zero Day vulnerabilities in CPE WAN Management Protocol (CWMP/TR-069) deployments, used by major ISPs globally to control business and consumer home internet equipment such as Wi-Fi routers, and VoIP phones are now fixed, researchers said.
These Zero Days could lead to the compromise of millions of homes and business worldwide, through flaws in several TR-069 server implementations, said researchers at security provider Check Point.
Once compromised, the malicious exploitation could lead to massive malware infections, illegal mass-surveillance and privacy invasions, and/or service interruptions, including the disabling of an ISP’s Internet service. Attackers could also steal personal and financial data from huge numbers of businesses and consumers.
Further analysis found insecure ISPs, vulnerable to remote takeover. Check Point reported and assisted in fixing all uncovered vulnerabilities.
“The security flaws uncovered in TR-069 implementations could have resulted in catastrophic attacks against Internet Service Providers and their customers across the world,” said Shahar Tal, Vulnerability Research Team Leader at Check Point Software Technologies. “Our Malware and Vulnerability Research Group continues to focus on uncovering security flaws and developing the necessary real-time protections to secure the Internet.”