{"id":16780,"date":"2022-04-26T04:24:04","date_gmt":"2022-04-26T01:24:04","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=16780"},"modified":"2022-04-26T04:24:04","modified_gmt":"2022-04-26T01:24:04","slug":"kablolu-modemler-guvenlik-acigi-nedeniyle-risk-altinda","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=16780","title":{"rendered":"Kablolu Modemler G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Nedeniyle Risk Alt\u0131nda"},"content":{"rendered":"<p>Danimarka merkezli g\u00fcvenlik dan\u0131\u015fmanl\u0131\u011f\u0131 \u015firketi Lyrebirds&#39;e nazaran, CVE-2019-19494\u00a0kod ad\u0131yla\u00a0bilinen <strong>&#39;Cable-Haunt&#39;<\/strong>\u00a0isimli bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131, Avrupa \u00e7ap\u0131nda\u00a0yakla\u015f\u0131k 200 milyon kablolu modemi etkiliyor.\u00a0Siber g\u00fcvenlik \u015firketi ESET, bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 ke\u015ffeden ve bulgular\u0131n\u0131 payla\u015fan Lyrebirds\u2019\u00fcn ara\u015ft\u0131rmas\u0131na dikkat \u00e7ekti.\u00a0<\/p>\n<p>Lyrebirds ara\u015ft\u0131rmac\u0131lar\u0131, <em>&#8220;Sadece Avrupa&#39;da tahminen <strong>200 milyon<\/strong> kablolu modem var. Test edilen neredeyse hi\u00e7bir modemin, eser yaz\u0131l\u0131m\u0131 g\u00fcncellemesi olmadan inan\u00e7ta olmad\u0131\u011f\u0131 anla\u015f\u0131ld\u0131. Bu nedenle Avrupa&#39;da savunmas\u0131z olan modem say\u0131s\u0131n\u0131n bu say\u0131ya yak\u0131n oldu\u011fu iddia ediliyor.&#8221;<\/em> a\u00e7\u0131klamas\u0131n\u0131 yapt\u0131.<\/p>\n<p>Birtak\u0131m internet hizmet sa\u011flay\u0131c\u0131lar\u0131na bu sorun hakk\u0131nda bilgilendirme ve tahlile y\u00f6nelik eser yaz\u0131l\u0131m\u0131 g\u00fcncellemeleri g\u00f6nderildi. Lakin tekrar de, <strong>d\u00fcnya \u00e7ap\u0131nda<\/strong> daha fazla say\u0131da modemin risk alt\u0131nda oldu\u011fu istikametinde g\u00fc\u00e7l\u00fc ku\u015fkular var.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/43\/cdc716a11e1ceb813d61e82d6091ae246ad5f907.jpeg\"\/><\/p>\n<p>G\u00fcvenlik a\u00e7\u0131\u011f\u0131, Broadcom taraf\u0131ndan \u00fcretilen \u00e7iplerdeki <strong>spektrum \u00e7\u00f6z\u00fcmleyici<\/strong> arac\u0131n\u0131 \u00e7al\u0131\u015ft\u0131ran yaz\u0131l\u0131mdan kaynaklan\u0131yor. Modemin kablo temas\u0131ndaki s\u0131k\u0131nt\u0131lar\u0131 saptamak ve d\u00fczeltmekle vazifeli olan spektrum \u00e7\u00f6z\u00fcmleyici bile\u015feni, \u00e7ok say\u0131da kablolu modem \u00fcreticisi taraf\u0131ndan ayg\u0131tlar\u0131n\u0131n eser yaz\u0131l\u0131mlar\u0131nda kullan\u0131l\u0131yor. Risk alt\u0131ndaki modem say\u0131s\u0131n\u0131n \u00e7ok fazla olmas\u0131 da bundan kaynaklan\u0131yor.<\/p>\n<p>Cable Haunt a\u00e7\u0131\u011f\u0131n\u0131n Avrupa&#39;daki neredeyse t\u00fcm kablolu modemleri etkileyebildi\u011fi ve siber sald\u0131rganlar\u0131n bu a\u00e7\u0131\u011f\u0131 kullanarak modem \u00fczerinden <strong>t\u00fcm data trafi\u011fine<\/strong> ula\u015f\u0131p denetim edebildi\u011fi belirtiliyor.\u00a0Spektrum \u00e7\u00f6z\u00fcmleyici lokal a\u011fda g\u00f6r\u00fcn\u00fcr olsa da, sald\u0131rganlar d\u00fcnyan\u0131n rastgele bir yerinden uzaktan eri\u015fim i\u00e7in Cable Haunt g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kullanabiliyor.<\/p>\n<p>Ara\u015ft\u0131rma grubu, modemlerdeki a\u00e7\u0131\u011f\u0131 tespit edebilmek gayesiyle bir <strong>POC (proof of concept)\u00a0sald\u0131r\u0131s\u0131<\/strong> tasarlad\u0131 ve bunu Sagemcom, Netgear, Arris, Compal ve Technicolor taraf\u0131ndan sunulan \u00e7ok say\u0131da kablolu modemde muvaffakiyetle test etti. Savunmas\u0131z olduklar\u0131 onaylanan modemlerin ve eser yaz\u0131l\u0131m\u0131 s\u00fcr\u00fcmlerinin tam listesine buradan eri\u015febilirsiniz.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Danimarka merkezli g\u00fcvenlik dan\u0131\u015fmanl\u0131\u011f\u0131 \u015firketi Lyrebirds&#39;e nazaran, CVE-2019-19494\u00a0kod ad\u0131yla\u00a0bilinen &#39;Cable-Haunt&#39;\u00a0isimli bir &#8230;<\/p>\n","protected":false},"author":1,"featured_media":16781,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[851],"tags":[1532,1125,2050],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/16780"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16780"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/16780\/revisions"}],"predecessor-version":[{"id":16782,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/16780\/revisions\/16782"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/16781"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16780"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16780"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16780"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}