Kaon Group Co., Ltd. — 14 prefixes (MA-L)

The slug vendor-kaon consolidates the OUI footprint of Kaon — the South Korean maker known publicly as KAON MEDIA Co., Ltd. and now operating its broadband arm as Kaon Group / Kaon Broadband. In the local IEEE registry mirror the blocks resolve to "Kaon Group Co., Ltd.," with one block (10:E6:6B) carried under the subsidiary name "Kaon Broadband CO., LTD." at the same current address: 884-3, Seongnam-daero, Bundang-gu, Seongnam-si, Gyeonggi-do, KR 13517. Older blocks still show earlier Seongnam (Sungnam-City) addresses, which is normal registry drift as a company relocates without re-registering historic allocations. All 14 sampled blocks are MA-L (a 24-bit OUI prefix, up to ~16.7M addresses each); no MA-M or MA-S assignments were found. The hardware behind these prefixes is consumer premises equipment (CPE): Android TV / IPTV / OTT set-top boxes, DOCSIS 3.0/3.1 cable gateways, Wi-Fi 6 access-point routers, xDSL modems, PON devices, and 5G fixed-wireless gateways. Because these are ISP-deployed subscriber devices, encountering a Kaon OUI in a scan typically signals a residential-broadband endpoint rather than enterprise IT gear. Two public CVEs affect Kaon-branded CPE and are worth flagging for asset triage: CVE-2024-3659 (CVSS 4.0: 10.0 / 3.1: 7.2, OS command injection in the AR2140 Wi-Fi 6 router, fixed in firmware 3.2.50 / 4.2.16) and CVE-2021-43483 (CVSS 3.1: 8.0, missing authentication allowing unauthenticated config read/write on the CLARO-branded CG3000 DOCSIS 3.1 gateway). One naming caveat for data quality: the publicly documented KAON MEDIA prefix 00:72:98 appears under the "Kaon Media Co., Ltd." vendor name in third-party databases and is part of the same corporate group, but it is not among the 14 blocks present in the local registry mirror — treat company-name variants (Kaon Media / Kaon Group / Kaon Broadband) as one manufacturer when classifying.

IEEE assignment

14 prefixes → Kaon Group Co., Ltd. (one block, 10:E6:6B, under "Kaon Broadband CO., LTD.") [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv)

Registry / block size

MA-L (24-bit OUI, up to ~16.7M addresses each); all 14 blocks are MA-L, no MA-M/MA-S found [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv). NOTE: IEEE's public OUI data publishes NO assignment/registration date; any "date registered" on third-party tools (e.g. maclookup.app shows 2011-03-17 for the related 00:72:98 block) is a database artifact, not an IEEE fact.

HQ / country

884-3, Seongnam-daero, Bundang-gu, Seongnam-si, Gyeonggi-do, KR 13517 (current registry address on majority of blocks); older blocks carry earlier Seongnam/Sungnam-City addresses; country South Korea (KR) [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv)

Company status

active; founded 2001 [Confirmed] — en.wikipedia.org/wiki/Kaon_Media

Device types

set-top boxes (Android TV / IPTV / OTT), DOCSIS 3.0/3.1 cable gateways, Wi-Fi 6 AP routers, xDSL modems, PON devices, 5G FWA gateways — all consumer/subscriber CPE, not enterprise IT [Confirmed] — en.wikipedia.org/wiki/Kaon_Media, kaongroup.com/en, kaonbroadband.com

Notable products

AR2140 Wi-Fi 6 router; CG3000 DOCSIS 3.1 cable gateway [Confirmed] — speedguide.net, nvd.nist.gov

Verified sample prefixes (all MA-L)

94:3B:B1, 44:F0:34, 54:7E:1A, 80:8C:97, 04:D1:90, 74:3A:EF, 24:E4:CE, 98:39:10, 00:08:B9, 10:E6:6B (Kaon Broadband), 90:F8:91, 98:77:E7, 84:01:12, 18:34:AF [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv lines 126, 127, 7127, 8129, 15202, 15927, 15931, 22541, 23815, 31173, 31780, 31782, 31783, 31784)

Related names / data trap

KAON MEDIA Co., Ltd. and Kaon Broadband are the same corporate group; the separately documented prefix 00:72:98 ("Kaon Media Co., Ltd.") is NOT in the local registry mirror's 14 blocks but belongs to the same manufacturer — classify the name variants as one vendor [Confirmed] — en.wikipedia.org/wiki/Kaon_Media, maclookup.app/vendors/kaon-media-co-ltd

Security context

CVE-2024-3659 (CVSS 4.0: 10.0 / 3.1: 7.2 — OS command injection, CWE-77/78, in AR2140 firmware before 3.2.50 and 4.2.16; requires admin-portal access; reported by CERT.PL) and CVE-2021-43483 (CVSS 3.1: 8.0 — missing authentication for critical function, CWE-306, in CLARO KAON CG3000 v1.00.67; unauthenticated config read/write). Both are residential CPE; no enterprise/data-center device CVEs found [Confirmed] — nvd.nist.gov/vuln/detail/CVE-2024-3659, nvd.nist.gov/vuln/detail/CVE-2021-43483

Scale

exports 70–80% of output; serves 120+ operators across 80+ countries [Likely — single source] — en.wikipedia.org/wiki/Kaon_Media

Registration date

Unknown — IEEE publishes no OUI registration dates; null [Confirmed null] — IEEE MA-L

IANA reference

not applicable to OUI/MAC vendor entries (IEEE OUI registry does not cross-reference IANA RFCs); null [Confirmed null]

Analyst note

A Kaon OUI on a globally-administered address identifies genuine Kaon CPE — typically an ISP-deployed home set-top box or gateway. If the device is a CG3000 (DOCSIS) or AR2140 (Wi-Fi 6 router), check it against CVE-2021-43483 and CVE-2024-3659 respectively. Company-name variants (Media / Group / Broadband) are one manufacturer.