ReFirm Labs Announces New Centrifuge Platform Capability for Detecting the ‘Cable Haunt’ Vulnerability in Cable Modem Firmware

Share Article

The new capability in Centrifuge Platform is designed for IoT device manufacturers and cable operators to ensure their equipment does not contain the ‘Cable Haunt’ vulnerability.

News Image

ReFirm Labs, a provider of the industry’s first proactive IoT and firmware security solutions, today announced a new capability of its Centrifuge Platform® that detects the presence of the “Cable Haunt” vulnerability in the firmware images of cable modems. The recently-discovered vulnerability is estimated to impact hundreds of millions of cable modems globally. The new capability is designed for IoT device manufacturers and cable operators so they can ensure they are delivering solutions without this critical exploit to their customers.

Cable Haunt is a critical vulnerability in the eCos-based firmware of cable modems. It was disclosed in January 2020 by a team of security researchers in Denmark. With this vulnerability, external attackers can exploit a buffer overflow to take control of the modem, including potentially changing the modem firmware, redirecting user traffic or making the cable modem participate in a malicious botnet.

“The Cable Haunt vulnerability highlights two key points that we constantly preach about IoT security,” said Derick Naef, CEO of ReFirm Labs. “First, vulnerabilities in the firmware that runs IoT devices like cable modems are typically overlooked. They are an attack vector, and both companies and consumers need to be highly aware of the security of the IoT devices they are deploying onto their networks, just as they are concerned about the security of applications and websites.”

“Second, supply chain security needs to be at the very top of mind for IoT device manufacturers,” said Naef. “The reason the Cable Haunt vulnerability is present across so many vendors and devices is that the vulnerability is contained in a core piece of software delivered with one of the building blocks of most cable modems – the eCos-based cable modem middleware from Broadcom. This is precisely why having visibility into the security of 3rd-party components is essential to building a secure IoT device.”

With its new capability, Centrifuge Platform® uses a binary-only image of the Broadcom-based portion of the cable modem firmware image to extract the full eCos image and conduct analyses to identify if the Cable Haunt vulnerability is present. The new capability is the latest example of the many exploit, malware and backdoor detectors in Centrifuge Platform®. It also analyzes IoT firmware for cryptographic and password weaknesses, known vulnerabilities and weak binary hardening, and conducts automated reverse engineering to discover potential zero-day exploits, among other capabilities.

Centrifuge Platform® is the first solution that proactively manages the security of firmware -- a specific class of software that provides the low-level control for the hardware of an IoT device. Centrifuge Platform® can identify and report abnormalities and vulnerabilities in firmware in less than 30 minutes. It allows companies to quickly analyze their firmware for hidden dangers and respond immediately to potential weak spots. Highly scalable, automated and cloud-based, Centrifuge Platform® is a simple and reliable way for monitoring security across an entire system of deployed IoT devices without the need for agents or access to the network itself.

For more information about Centrifuge Platform®, go to

About ReFirm Labs
ReFirm Labs provides the industry’s first IoT and firmware security solutions that proactively vet, validate and continuously monitor IoT devices from hidden threats. Its flagship product, Centrifuge Platform®, detects and reports potential zero-day vulnerabilities, hidden crypto keys, backdoor passwords and known vulnerabilities in IoT devices without needing access to source code. ReFirm Labs’ technology has been proven to provide the insight and intelligence needed for users to proactively defend connected devices and maintain compliance and the integrity of supply chain security. Founded by a team of former NSA offensive cyber operators, ReFirm Labs is trusted by government agencies and Fortune 500 companies that operate in a wide variety of industries, including: telecommunications, cloud infrastructure and data centers, automotive, health care, utilities, and manufacturing. For more information, visit or follow on Twitter @ReFirmLabs.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Michael Tebo
Gabriel Marketing Group (for ReFirm Labs)
Email >