Joseph Hutchins

**Name of the Vulnerable Software and Affected Versions** AT&T U-verse firmware version 9.2.2h0d83 for Arris NVG589 and NVG599 devices **Description** The issue concerns the configuration of an sbdc.ha WAN TCP service on port 61001 with a specific account and password, allowing remote attackers to obtain sensitive information, such as the Wi-Fi password, by leveraging knowledge of a hardware identifier. This is related to the Bulk Data Collection (BDC) mechanism. **Recommendations** For AT&T U-verse firmware version 9.2.2h0d83, consider disabling the sbdc.ha WAN TCP service on port 61001 as a temporary workaround until a patch is available. Restrict access to the bdctest account to minimize the risk of exploitation.