jon_eric
join:2016-03-27
Merritt Island, FL

jon_eric

Member

[Internet] Firmware update for SB6141

Is there an ETA from Bright House regarding the deployment of the firmware update for the Arris (Motorola) SB6141 modems?

Background: »www.securityforrealpeopl ··· dem.html

Statement from Arris: »www.arriseverywhere.com/ ··· 1-modem/
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

3 edits

BHNtechXpert

Premium Member

Jon, we are aware of the issue and are working closely with the manufacturer at this time. To be clear (and very important)...

- The risk to customers with this modem and impacted firmware is extremely low.

- This issue is not exclusive to Bright House Networks modems. Any provider using the same impacted models is similarly impacted including non-provider or retail modems of the same model(s).

- In a worst case scenario where bad guys are able to craft a site that takes advantage of the issue the customer must somehow be driven to the site and even then the worst thing that will happen is the modem reboots or factory defaults and reboots. This is after all a bridge modem so not exactly a lot to factory default that could or would impact a customer if anything. The issue would be more of an annoyance factor of having the modem reboot without notice or customer intervention.

- Assuming the worst meaning a customer has been somehow navigated to a site with the exploit there is NO risk of data loss or integrity. In other words even after a customer has had the exploit used on their modem bad guys CANNOT eavesdrop, view or manipulate data to/from the modem or control or gain access to customer home networks in any way. The exploit simply causes the modem to reboot.

- Customers need to do nothing at this time. Firmware will be pushed automatically to impacted customer modems. ETA is unknown as that will depend on the length of time required to validate and test the new firmware from the manufacturer.

More information will follow as needed. In the meantime practice the usual safe internet practices you have been taught here and avoid high risk activities and sites on the internet whenever possible.
jon_eric
join:2016-03-27
Merritt Island, FL

jon_eric

Member

Yep - more of an annoyance than a threat. It's been a few days since Arris posted that statement, so I just thought I would ask if an ETA for deployment from Bright House was known.
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

BHNtechXpert to jon_eric

Premium Member

Yep definitely annoying but low value to most hacker types because there is nothing really to gain so I don't expect to see an explosion of sites designed to exploit the issue.

DocDrew
RF Medic
Premium Member
join:2009-01-28
dv streaming
Ubee E31U2V1
Technicolor TC4400
ARRIS TG1672

DocDrew to BHNtechXpert

Premium Member

What about this exploit for the SBG6580: »community.rapid7.com/com ··· e-modems

It takes the CSRF exploit to a higher level using other exploits.
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

1 edit

BHNtechXpert

Premium Member

said by DocDrew:

What about this exploit for the SBG6580: »community.rapid7.com/com ··· e-modems

It takes the CSRF exploit to a higher level using other exploits.

This was discussed at the time of announcement over a year ago. Bottom line guys we are on top of these things generally long before they ever make it to places like Rapid7 provided the MFR does their part. You need not worry about your modems as we stay on top of this constantly.
jon_eric
join:2016-03-27
Merritt Island, FL

jon_eric to BHNtechXpert

Member

Any update on the deployment of the firmware update to Bright House customers?
jon_eric

jon_eric to BHNtechXpert

Member

Firmware still showing a build time of March 12, 2013. I know it's not a high level threat, but it's been more than 2 months since Arris provided a patch to ISPs. What's the ETA for deployment?
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

BHNtechXpert

Premium Member

said by jon_eric:

Firmware still showing a build time of March 12, 2013. I know it's not a high level threat, but it's been more than 2 months since Arris provided a patch to ISPs. What's the ETA for deployment?

And you know they supplied us the patch then how? Because they didn't, they were still working on it at the time that went out and then they go through multiple levels of approval. Because we do things differently with our modems the impact to us and our customers was little to less than zero. Honestly not sure if we decided not to risk the chance of introducing new firmware issues by new firmware and just leave it alone considering it didn't impact us anyway. But I'll check and get back with the thread.

gigahurtz
Premium Member
join:2001-10-20
USA

gigahurtz

Premium Member

said by BHNtechXpert:

said by jon_eric:

Firmware still showing a build time of March 12, 2013. I know it's not a high level threat, but it's been more than 2 months since Arris provided a patch to ISPs. What's the ETA for deployment?

And you know they supplied us the patch then how? Because they didn't, they were still working on it at the time that went out and then they go through multiple levels of approval. Because we do things differently with our modems the impact to us and our customers was little to less than zero. Honestly not sure if we decided not to risk the chance of introducing new firmware issues by new firmware and just leave it alone considering it didn't impact us anyway. But I'll check and get back with the thread.

Once again, an arrogant response to a customer who asks a legitimate question and has every right to. There's no reason to respond to him the way you do (and continue to do to many others on here). It's unprofessional and very rude, but I'm sure you know that already.
jon_eric
join:2016-03-27
Merritt Island, FL

1 edit

jon_eric to BHNtechXpert

Member

It was based on the date of the article linked to below (April 11, 2016)

»www.arriseverywhere.com/ ··· 1-modem/

Specifically this statement... "First and foremost, we developed a firmware upgrade to correct the issue affecting the SB6141. This firmware upgrade will be automatically sent to your device from your cable operator."

I made the assumption that they had made it available to all ISPs at that time.

Edit: Gary - If BrightHouse decides(d) that they are not going to deploy the firmware, please let me know. I can certainly purchase a newer model modem.
jon_eric

jon_eric to gigahurtz

Member

Gigahurtz - Thank you for the support.

gigahurtz
Premium Member
join:2001-10-20
USA

gigahurtz

Premium Member

said by jon_eric:

Gigahurtz - Thank you for the support.

No problem at all. I understand this flaw isn't serious but your question is definitely worth asking.
jon_eric
join:2016-03-27
Merritt Island, FL

1 edit

jon_eric to BHNtechXpert

Member

Gary - Would you be willing to provide some more insight into the process? I'm asking because my understanding is that base firmware version 1.0.6.16, which patches this issue, was available from Arris for ISPs prior to their April 11th posting on the Arris Everywhere site. Were you speaking of issues encountered by BrightHouse when making the needed modifications to support the BH network?

Edit: A response stating that it's not a high enough risk to deploy it on the network is valid. That will let me know that waiting is not the proper course of action and that I should take a different one.