Skip to main content

Surfboard cable modems may be vulnerable to denial of service attacks

report advises governments to avoid encryption backdoors internet router
Cable modems vulnerable to denial of service attacks Image used with permission by copyright holder
Have you noticed that sometimes your internet service goes down, only to come back a few minutes later? It might be a vulnerability in your cable modem. If you have an Arris SurfBoard SB6141 you don’t need to panic, because that won’t help in any case, but if your modem is actually open to denial of service attacks, the only solution today is to have a cable technician to come to your home or office. Arris is working on a way for customers to upgrade the modems.

The problem is the way the Arris SB6141 handles authentication and cross-site requests, according to a report from Seclists.org. Clicking on a disguised link on a website or in an email can cause a service interruption. If that happens your modem will likely reboot or reset. With a reboot, your internet service should come back promptly; a reset takes longer and you may even have to call the cable company to have them reactivate your modem.

Recommended Videos

In a statement to Zdnet, Arris stated that only a subset of the SB6141s are in jeopardy. The company also reiterated that it is unaware of any exploits of the authentication vulnerability, which was documented way back in April 2008.

Please enable Javascript to view this content

An Arris spokesperson told Digital Trends that the company has “recently addressed the reported GUI access issue with a firmware update. We are in the process of working with our Service Provider customers to make this release available to subscribers. There is no risk of access to any user data, and we are unaware of any exploits.”

Unfortunately there’s no way for you to check whether your modem is on the good list or the maybe-no-so-good list. Major cable internet providers including Comcast, Time Warner Cable, or Charter sent the Arris (formerly Motorola) cable modems to millions of new customers.

The firmware upgrade isn’t one that can be installed by users yet, so if you have a vulnerable SB6141, a technician will have to pay a visit. The best course of action: call your cable company about the firmware upgrade and get on the list if needed. And in the meantime, be ever more vigilant about clicking on unknown websites and unexpected links in email or online messages.

Updated on April 11 at 5:15 p.m. ET by Bruce Brown: Arris reached out to us with new information. We’ve updated the article, which was originally published Saturday. 

Bruce Brown
Bruce Brown Contributing Editor   As a Contributing Editor to the Auto teams at Digital Trends and TheManual.com, Bruce…
Sam Altman confirms ChatGPT’s latest model is free for all users
ChatGPT logo on a phone

Earlier this week, OpenAI CEO Sam Altman declared the company's newest reasoning model, o3, ready for public consumption after it passed its external safety testing and announced that it would soon be arriving as both an API and ChatGPT model option in the coming weeks. On Thursday, Altman took to social media to confirm that the lightweight version, o3-mini, won't just be made available to paid subscribers at the Plus, Teams, and Pro tiers, but to free tier users as well.

https://x.com/sama/status/1882478782059327666

Read more
Perplexity’s new AI agent can perform multi-step tasks on your Android device
Running Perplexity on OnePlus Pad 2.

Perplexity announced Thursday that it is beginning to roll out an agentic AI for Android devices, called Perplexity Assistant, which will be able to independently take multi-step actions on behalf of its user.

"We are excited to launch the Perplexity Assistant to all Android users," Perplexity CEO Aravind Srinivas wrote in a post to X on Thursday. "This marks the transition for Perplexity from an answer engine to a natively integrated assistant that can call other apps and perform basic tasks for you."

Read more
iBUYPOWER RTX PCs: What Does It Mean and How Can You Best Use It?
iBUYPOWER RTX for AI PCs side view of pre-built on sale hero

We’re living in the dawn of AI. Every day a new company starts advertising that it’s now using AI in its software, whether it’s in TVs, phones, or powerful laptops and desktop computers. What does the dawn of AI actually mean for consumers?

In the case of premium computing, NVIDIA’s RTX tools with AI unlock a host of features in its video cards, such as enhanced video editing and streaming, best-in-class STEM app support for coursework, on-device AI, and, of course, proprietary AI tools like NVIDIA Broadcast and NVIDIA ChatRTX.

Read more