Browse Definitions:
Definition

Misfortune Cookie

Contributor(s): Matthew Haughn

Misfortune Cookie is a firmware vulnerability in the firmware for some routers.

Once the embedded software running the device is exploited, the attacker can gain a command line interface (CLI). The device can then be used to gather data, steal credentials or upload malicious files to connected computers and compromise the network.

When the flaw was discovered in late 2014, it had already been in existence for a decade. The source of the issue is an error in the HTTP cookie-management mechanism in the device software. All the attacker has to do is send a single packet containing a malicious HTTP cookie to begin an exploit.

Lior Oppenheim, a researcher for network and endpoint security vendor Check Point Software Technologies Ltd., discovered the flaw, officially known as CVE-2014-9222. According to Check Point, the vulnerability affects over 12 million affected devices in 200 different models.  Any unpatched model using RomPager embedded web server software in a version earlier than v. 4.34 may be vulnerable.

Although there have not yet been any documented Misfortune Cookie router attacks, Check Point is publicizing the vulnerability as a wake-up call for small office and home (SOHO) networks and the embedded device industry.

See also: embedded device hacking

This was last updated in February 2015

Continue Reading About Misfortune Cookie

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

An interesting article... It would be more useful if it gave some ideas on how the consumer could know if their router was on a list that had the vulnerability.  The Mitre CVE linked too only says "AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability."
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces.

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

SearchSecurity

  • FIDO (Fast Identity Online)

    FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the...

  • cryptanalysis

    Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and ...

  • Trojan horse (computing)

    In computing, a Trojan horse is a program that appears harmless, but is, in fact, malicious.

SearchHealthIT

SearchDisasterRecovery

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

SearchStorage

  • cloud SLA (cloud service-level agreement)

    A cloud SLA (cloud service-level agreement) is an agreement between a cloud service provider and a customer that ensures a ...

  • wear leveling

    Wear leveling is a process that is designed to extend the life of solid-state storage devices.

  • storage area network (SAN)

    A storage area network (SAN) is a dedicated high-speed network or subnetwork that interconnects and presents shared pools of ...

SearchSolidStateStorage

  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.

Close