Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Mfg Cert from AVM compromised
#1
https://www.excentis.com/testing/certifi...rtificates

background story (in german):

https://www.heise.de/security/meldung/En...65065.html
Reply
#2
Nice story, too nice actually.
Reply
#3
(19-11-2016, 04:01 PM)Winston Wrote: Nice story, too nice actually.

suspiciously nice (▀̿Ĺ̯▀̿ ̿)
Reply
#4
(19-11-2016, 10:56 PM)occalifornia Wrote:
(19-11-2016, 04:01 PM)Winston Wrote: Nice story, too nice actually.

suspiciously nice (▀̿Ĺ̯▀̿ ̿)

Why?

It's happened and all MSO should revoke this Mfg Certificate immediately.

The US MSO should check very fast if they CMTS software have installed the EuroDOCSIS Root Certificate and delete it. Many software releases holds both Root CA Certificates (US and EU).
Reply
#5
(20-11-2016, 08:42 AM)FallGuy Wrote:
(19-11-2016, 10:56 PM)occalifornia Wrote:
(19-11-2016, 04:01 PM)Winston Wrote: Nice story, too nice actually.

suspiciously nice (▀̿Ĺ̯▀̿ ̿)

Why?

It's happened and all MSO should revoke this Mfg Certificate immediately.

The US MSO should check very fast if they CMTS software have installed the EuroDOCSIS Root Certificate and delete it. Many software releases holds both Root CA Certificates (US and EU).

It was a joke - hence the ASCII emoji..
Reply
#6
Oh yes...of course..the joke ASCII emoji vs a serious emoji...

Damn, "I could have had a V8 slap on the forehead".....
Reply
#7
(21-11-2016, 11:48 PM)newname Wrote: Oh yes...of course..the joke ASCII emoji vs a serious emoji...

Damn, "I could have had a V8 slap on the forehead".....

It seems like humor is lost on this crowd. Smile
Reply
#8
Sorry for pushing this thread up but there is small update. Joel Stein will give a lightning talk at the 33C3 about the situation.

You can find his slides here:

https://events.ccc.de/congress/2016/wiki...ing_DOCSIS

Im curious if the old AVM CA will come into Diagnostic Images like the Self Signed Stuff from Motorola or Scientific Atlanta did at Haxorware.
Reply
#9
Here is an update regarding the lightning talk:
https://www.youtube.com/watch?v=B5uqQL-d....be&t=3785

It's really easy to create a own Intermediate CA with this private key.

Btw. during my investigations I found out that the Manufacturer Public Key is slightly to big to be handled without problems by Haxorware on the 3349 or even on a 3390 based 3.0 CM. So they will not send the Manufacturer Public Key during the BPKM handshake and the BPI process stucks. However, if I use the files on Puma based cable modems it'll work.
Reply
#10
Anyone has a link or can mail this key ?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)