Intel Puma


The Intel Puma 6/7 chip that is used in the devices listed -here- has a a serious security issue that has been partially addressed and the firmware update rolled out to some devices and some ISPs. It allows a attacker to shut down your connection at will for as long as they want and the only way out from under the attack is to buy a different modem or change your IP.  It is a unpatched 0-day exploit that has no current mitigation with published code anyone can download and target other users. This issue was first reported in the press YEARS ago and to date Intel has not addressed all the issues and only a small set of devices on some ISPs have been updated.

Intel has acknowledged the issue with a security alert

This issue was covered in the press with detail - here - - here- - -here-

The issue was acknowledged by at least one modem mfgr - here - with a advisory -here -

There is a Security Focus entry here

There is a published exploit ( program) that allows even non technical users to attack Puma 6/7 based modems/gateways - here -

the CVE  is CVE-2017-5693 -here-

In addition to the DoS mentioned above, there's also a memory corruption DoS which causes a full modem reboot. The details of this attack have not yet been published while a patch is being worked on.

These issue was discovered by Mackey at DSLReports

I have testing done with pingplotter shown -here-