Quote: More details about a now-patched vulnerability in Comcast’s XR11 voice remotes have emerged, which would have made it easy for a threat actor to intercept radio frequency (RF) communications between the remote and the set-top box, effectively turning the remote into a surveillance device.
The XR11 remotes are some of the most common around, with more than 18 million scattered across homes in the U.S. A man-in-the-middle attack conducted by researchers at Guardicore, dubbed “WarezTheRemote,” allowed the team to listen in on conversations from up to 65 feet away.
The flaw was disclosed in October and has since been mitigated by Comcast, but researchers at AT&T Cybersecurity recently broke down more details on the bug. It also highlights the stakes in deploying armies of seemingly benign internet-of-everything (IoT) devices without basic security to protect them from being weaponized and abused by cybercriminals.
WarezTheRemote Vulnerability
Voice-controlled remotes like the XR11 are handy because they allow a user to push a button and just tell the TV what to do. To make it even easier to use, the old-school infrared control has been swapped out for RF controls, so users don’t have to have the device within line of sight of the set-top box to switch the channel.
“The combination of recording capabilities with RF-based communication led us to believe that the XR11 can be of particular interest to an attacker: RF enables contact with the remote from afar, which makes for a larger attack surface than a remote control would otherwise have, and the recording capability makes it a high-value target,” the Guardicore researchers wrote.
Read more: Comcast RF Attack Leveraged Remotes for Surveillance | Threatpost



