. home.aspx



Tenable Discloses Verizon Fios Router Vulnerabilities

April 09, 2019 / Sean Michael Kerner

Millions of homes across America have Verizon's Fios Quantum Gateway router as their primary conduit to the internet, and many of them could be at risk, according to new research from security firm Tenable. On April 9, Tenable publicly disclosed that it was able to find multiple vulnerabilities in the Verizon Fios Quantum Gateway (G1000) router. The impact of the flaws is that a remote attacker could potentially get unauthorized access to the router and, by extension, the user's entire network. Tenable responsibly disclosed the vulnerabilities to Verizon in December 2018 and waited until Verizon released a firmware update fixing the issues before issuing the public disclosure. "There are three separate flaws," Chris Lyne, senior research engineer at Tenable, told eWEEK. "However, the most impactful flaw is the authenticated command injection (CVE-2019-3914). This is remotely exploitable." The Verizon Fios Quantum Gateway was developed by Verizon and Greenwav...