Researchers have identified over 12 million routers in use worldwide with the vulnerability, called Misfortune Cookie. At least 200 different models of device from various manufacturers and brands are vulnerable, including models by D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL and many others.
If a router is vulnerable, any device connected to the network – PCs, phones, tablets, printers, security cameras, refrigerators, or any other networked device – is at risk of compromise. An attacker exploiting the Misfortune Cookie vulnerability can monitor Internet connections, steal credentials and sensitive data, infect machines with malware, or control devices.
To protect consumers and small businesses against the vulnerability, Check Point recommends adding a firewall to all PCs to strengthen protection from attack, such as ZoneAlarm Free Firewall, which blocks malicious activity on computers. The vulnerability has been assigned the CVE-2014-9222 identifier.
Over 12 million devices worldwide are vulnerable to attack
Check Point has today released its findings of Misfortune Cookie, a critical vulnerability that allows an intruder to remotely take over a residential gateway device and use it to attack the devices connected to it.
Researchers in Check Point’s Malware and Vulnerability Research Group uncovered a vulnerability present on millions of residential gateway (SOHO router) devices from different models and makers. It has been assigned the CVE-2014-9222 identifier. This severe vulnerability allows an attacker to remotely take over a gateway device with administrative privileges. To date, researchers have distinctly detected at least 12 million readily exploitable devices connected to the Internet worldwide, making this one of the most widespread vulnerabilities revealed in recent years.
Key Findings:
-- If undiscovered, an attacker could take control of millions of home and business routers around the world, and use that access to control and steal data from the wired and wireless devices connected to the network.
-- The affected software is the embedded web server RomPager from AllegroSoft, which is typically embedded in the firmware released with router and gateway devices.
“Misfortune Cookie is a serious vulnerability present in millions of homes and small businesses around the world, and if left undetected and unguarded, could allow hackers to not only steal personal data, but control peoples’ homes,” said Shahar Tal, Malware and Vulnerability Research Manager at Check Point Software Technologies. “At Check Point, we are dedicated to protecting the internet and its users by staying ahead of attackers. Our Malware and Vulnerability Research Group remains focused on uncovering security flaws and developing the necessary real-time protections to secure the Internet.”