Skip to main content
  1. Home
  2. Computing
  3. Web
  4. News

Surfboard cable modems may be vulnerable to denial of service attacks

Bruce Brown
By

report advises governments to avoid encryption backdoors internet router
Cable modems vulnerable to denial of service attacks
Have you noticed that sometimes your internet service goes down, only to come back a few minutes later? It might be a vulnerability in your cable modem. If you have an Arris SurfBoard SB6141 you don’t need to panic, because that won’t help in any case, but if your modem is actually open to denial of service attacks, the only solution today is to have a cable technician to come to your home or office. Arris is working on a way for customers to upgrade the modems.

The problem is the way the Arris SB6141 handles authentication and cross-site requests, according to a report from Seclists.org. Clicking on a disguised link on a website or in an email can cause a service interruption. If that happens your modem will likely reboot or reset. With a reboot, your internet service should come back promptly; a reset takes longer and you may even have to call the cable company to have them reactivate your modem.

In a statement to Zdnet, Arris stated that only a subset of the SB6141s are in jeopardy. The company also reiterated that it is unaware of any exploits of the authentication vulnerability, which was documented way back in April 2008.

An Arris spokesperson told Digital Trends that the company has “recently addressed the reported GUI access issue with a firmware update. We are in the process of working with our Service Provider customers to make this release available to subscribers. There is no risk of access to any user data, and we are unaware of any exploits.”

Unfortunately there’s no way for you to check whether your modem is on the good list or the maybe-no-so-good list. Major cable internet providers including Comcast, Time Warner Cable, or Charter sent the Arris (formerly Motorola) cable modems to millions of new customers.

The firmware upgrade isn’t one that can be installed by users yet, so if you have a vulnerable SB6141, a technician will have to pay a visit. The best course of action: call your cable company about the firmware upgrade and get on the list if needed. And in the meantime, be ever more vigilant about clicking on unknown websites and unexpected links in email or online messages.

Updated on April 11 at 5:15 p.m. ET by Bruce Brown: Arris reached out to us with new information. We’ve updated the article, which was originally published Saturday. 

Editors' Recommendations

Logitech’s new Mac accessories are customizable, functional, and undeniably pretty
Logitech MX Mechanical Mini Keyboard for Mac.
Nullmixer is a nasty, new Windows malware dropper
Windows shows a malware warning on a Dell laptop.
New malware can steal your credit card details — and it’s spreading fast
An individual surrounded by several computers typing on a laptop.
Twitter is building a menu option for Twitter Shops
A person's hands holding a smartphone as they browse Twitter on it.
How to connect AirPods to a Chromebook
An Acer Chromebook Spin 514 sitting on a table (backside view).
Best Prime Day MacBook Deals: What to expect on October 11
Prime Day 2022 Macbook deals graphic.
Best Apple Prime Day Deals: Predictions for the October sale
Prime Day 2022 Apple deals graphic.
Best Prime Day Chromebook Deals: What to expect in October
Prime Day 2022 Chromebook deals graphic.
Best Prime Day Laptop Deals: What to expect from the second sale
Prime Day 2022 laptop deals graphic.
Best Prime Day Monitor Deals: What to expect on October 11
Prime Day 2022 monitors deals graphic
This 15-inch Dell laptop just got a huge price cut — now $250
dell inspiron 15 3000 deal june 2022 7000 01
Hurry — Dell’s XPS 13 MacBook Pro rival is under $850 in rare deal
Person sitting and holding Dell XPS 13 laptop on their lap.
This powerful Alienware gaming PC is $1,090 off for a limited time
The Alienware Aurora R10 Ryzen Edition Gaming Desktop, placed on a desk.