U

Visitor

 • 

2 Messages

Monday, December 20th, 2021 10:18 PM

Closed

Xfinity Modem log4j vulnerability

I'm looking for information regarding the active exploit for Log4J in the wild.  Are the Xfinity modems vulnerable to this exploit CVE  2021-44228.  Any system/device using the Apache web service with Log4J would be vulnerable to it.

NVD - CVE-2021-44228 (nist.gov)

Expert

 • 

107.2K Messages

3 years ago

Concern moved here to the Customer Service help section for greater exposure to actual Comcast corporate employees (The Digital Care Team) for assistance.

Regular Visitor

 • 

9 Messages

Have we gotten confirmation that Xfinity routers are NOT vulnerable? 

Problem Solver

 • 

528 Messages

Hello! Thank you for reaching out to us! Could you please send our team a private message with your full name and full address? Our team can most definitely 
take a further look at this for you.

To send a "Peer to peer" ("Private") message:
Click "Sign In" if necessary
• Click the "Peer to peer chat" icon
• Click the "New message" (pencil and paper) icon
• Type "Xfinity Support" in the "To:" line and select "Xfinity Support" from the drop-down list which appears. The "Xfinity
Support" graphic replaces the "To:" line
• Type your message in the text area near the bottom of the window
• Press Enter to send it

I no longer work for Comcast.

Visitor

 • 

2 Messages

@XfinityCrystal A private mesage is the wrong approach here. You have thousands of customers with this same concern; it is not specific to any one account or one device. Every device running program code written in Java and using the standard Java Log4j logging utility is vulnerable to a simple hacking attack. This afects millions, possibly billions of devices around the world. We want confirmation that Xfinity routers are not vulnerable to this attack or that they have been updated to fix the vulnerability (and a way to confirm that our personal devices have been updated).

Problem Solver

 • 

493 Messages

Hi, @Go-Bears Thank you for taking the time to reach out to us in regard to this matter. We take these matters very seriously and do all that we can in order to ensure that we do our best when it comes to keeping you safe online. We have features like Xfinity xFi Advanced Security set in place to help with online security. This link will give you a brief overview of the service and how it works. We also have our Customer Security Assurance Team which is available 7 days a week from 6:00 am to 2:00 am. The Customer Security Assurance team is available to respond to issues pertaining to phishing, spam, infected computers (commonly referred to as bots), online fraud, and other security issues. You can reach out to them by clicking on the link provided above or by calling 1-888-565-4329. 

I no longer work for Comcast

Visitor

 • 

4 Messages

@XfinityCrystal I would be helpful if you could inform us if any Comcast system/device using the Apache web service with Log4J would be vulnerable to it.

Regular Visitor

 • 

10 Messages

3 years ago

+1 here.   Has anyone heard from them whether the routers are vulnerable(likelihood is very high due to the use of Java and likely apache)  and if an update has come out?

This comment was created from this reply

Visitor

 • 

4 Messages

3 years ago

What is Log4J? 

With the continuous coverage, it is pretty certain by now every 5th grader knows what Log4Shell is but just in case you missed the news, it is a recently discovered vulnerability in a ubiquitous Java logging framework LOG4J. The vulnerability has been given a CVSS Score of 10, making it the most serious of discovered flaws. Xfinity please provide us some feedback on this.

This comment was created from this reply

Regular Visitor

 • 

9 Messages

3 years ago

@Xfinity Support I sent a direct message and did not receive any reply.  Can someone please confirm whether or not Xfinity owned routers are vulnerable to Log4j?  It affects devices that run on apache.

This comment was created from this reply

Expert

 • 

31K Messages

3 years ago

@JC123456789 If you did not make a post about the issue and sent a DM without specifically being asked to, your DM may be ignored.  It is against the Forum Guidelines and the Acceptable Use Policy to send unsolicited DMs.

This comment was created from this reply

Regular Visitor

 • 

9 Messages

3 years ago

They did answer. And said that there is no known vulnerability on Xfinity rented equipment.  So as far as I can tell it is ok. 

Visitor

 • 

1 Message

@JC123456789​ 

Ok that's great for rented hardware however all the low income people who don't rent their gateways are they effected?

Official Employee

 • 

933 Messages

3 years ago

Hi there! We are aware of the issue are keeping an eye on it! 

Visitor

 • 

2 Messages

@XfinityMikeB @XfinityLuis  Thank you for the replies, but I still have not seen an official Comcast response actually addressing the Log4j/Log4Shell vulnerability. We are looking for either an unambiguous statement that there is no Log4Shell vulnerability, or that there is one and you are working on a patch to solve it, or that you are still investigating and will have an update by a specific date.  Although anyone who does not yet know if their systems are vulnerable at this point obviously does not take network security seriously. Please escalate this internally and get a formal response published ASAP.

"We are aware of the issue" does not tell us anything. This is not a virus or something that would be stopped by the XFinity firewall or xFi Advanced Security.  It is a (possible) bug in the actual router code or xFi Advanced Security code itself that could make it vulnerable to attack, and would require an update to the Comcast/XFinity code itself to fix.

Visitor

 • 

2 Messages

I sent @Xfinity Support  a private message as they requested.  

forum icon

New to the Community?

Start Here