Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Spark Smart Modem vulnerable?
r0bbie

259 posts

Ultimate Geek
+1 received by user: 24


#289033 8-Aug-2021 13:26
Send private message

Hey Spark's router was listed on a new disclosed router bug - do you think they are affected?

 

https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/

 

 

View this topic in a long page with up to 500 replies per page Create new topic

This is a filtered page: currently showing replies marked as answers. Click here to see full discussion.

Talkiet
4819 posts

Uber Geek
+1 received by user: 3934

Trusted

  #2757948 10-Aug-2021 13:13
Send private message

Spark is aware of a security vulnerability (https://www.tenable.com/security/research/tra-2021-13) that is present on one of the modems offered to Spark and Skinny broadband customers (Spark Smart Modem - Arcadyan VRV9517). 

 

We have been advised by Arcadyan that they do not believe the vulnerability could currently be successfully exploited on our Spark and Skinny modems, due to the specific build of our modems. Our own testing supports this. We have been monitoring and blocking attempted attacks from the IP addresses identified by Juniper and while we have seen a low level of attacks since the weekend, we’ve seen no evidence so far of successful exploits against the Spark or Skinny Smart Modems. 

 

We’ve been working with Arcadyan and have been testing a new version of the modem software with a fix for the vulnerability since last week. As soon as this version is ready, it will automatically be pushed out to the relevant Spark and Skinny Smart Modems. 

 

We will provide an update when we have a new version available. For customers that are using the Smart Modems with non-Spark connections, we will make the updated FW with the vulnerabilities fixed available soon. I’ll advise here of the official download location (which will be from a Spark server).

 

Cheers - Neil G




Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.



Talkiet
4819 posts

Uber Geek
+1 received by user: 3934

Trusted

  #2766320 25-Aug-2021 09:00
Send private message

Sorry it took so long (but as pointed out the modems are not vulnerable to the attack as the most important vulnerability didn't exist in our device) - but here is the Spark firmware image for the VRV9517 that you can apply if your modem is not on the Spark network.

 

https://www.spark.co.nz/help/internet/security/spark-smart-modem-firmware-update

 

If you have a Skinny modem that you are using on a non-Skinny connection, you will need to call in to their Skinny helpdesk. I have been advised that they will make the FW available specifically to those customers that request it, even if you are not a current Skinny customer.

 

Cheers - N

 

 




Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright