The flaw stems from Comcast s XR11, a popular voice-activated remote control for cable TV, which has more than 18 million units deployed across the U.S. The remote enables users to say the channel or content they want to watch rather than keying in the channel number or typing to search for content. Researchers found a serious vulnerability in the remote, allowing attackers to take it over. The ensuing attack, dubbed WarezTheRemote, does not require any interaction from the victim.
Source: https://threatpost.com/comcast-tv-remote-homes-snooping/159899/