Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Smart TV. Show all posts
Vulnerabilities and Exploits
IoT devices Smart TV Threat Landscape Unauthorized access Vulnerabilities and Exploits

91,000 Smart LG TV Devices Susceptible to Unauthorised Remote Access

 

New vulnerabilities have been discovered in LG TVs that could allow unauthorised access to the devices' root systems, possibly exposing thousands of units worldwide. 

The finding, made as part of Bitdefender's continuing inspection of the popular Internet of Things (IoT) technology, focuses on vulnerabilities in WebOS versions 4-7, which are used in LG sets. The detected flaws allow unauthorised access to the TV's root system by circumventing the permission process. 

Despite its intended use for LAN access only, Shodan, an internet-connected device search engine, has identified over 91,000 devices that expose this service to the internet. 

Among the uncovered flaws, CVE-2023-6317 stands out because it allows attackers to bypass authorization methods, allowing unauthorised access to the TV's root system. Additionally, CVE-2023-6318 enables attackers to extend their access to root privileges, heightening the security risk. 

Furthermore, CVE-2023-6319 allows for the injection of operating system commands, whilst CVE-2023-6320 enables authenticated command injection. The concerned models are LG43UM7000PLA, OLED55CXPUA, OLED48C1PUB, and OLED55A23LA. Devices running WebOS versions 4.9.7 through 7.3.1 have been confirmed to be impacted. 

“Attackers could use the compromised Smart TV as a starting point to launch additional attacks against remote systems or hosts,” noted Thomas Richards, principal security consultant at the Synopsys Software Integrity Group.

According to the cybersecurity expert, if attackers get administrator access to the TV, the user's personal information, including login passwords, can be compromised. 

“Smart TV owners should not have their TVs directly connected to the internet. Keeping the TV behind a router will reduce the likelihood of a compromise since remote attackers will not be able to reach it,” Richards added. “Enabling the automatic update option on the TV will keep the TV up to date with vendor patches to remediate security risks.” 

Bitdefender's disclosure timetable highlighted the approach followed, with vendor notice taking place on November 1, 2023, some months before a fix delivery on March 22, 2024. In the face of emerging threats, prompt patching and upgrades are critical to minimising possible risks, safeguarding user privacy, and enhancing device security.
Read more »
Tech Industry
Android Backdoor Financial Fraud Personal Data Privacy Smart TV Supply Chain Attack Tech Industry

Discovering the Threat from Android TV Backdoors

Android TV streaming boxes are already commonplace in homes all over the world because they provide an easy method to access a wealth of content. A pernicious backdoor that poses a serious risk to user security and privacy, however, is concealed within some of these devices.

Recent investigations have revealed the worrying ubiquity of this backdoor, which permits unauthorized access to critical data. Reputable reports emphasize the severity of this problem, shocking the tech industry.

The backdoor, dubbed 'BADBOX,' has been found in thousands of Android TV boxes, turning them into potential ticking time bombs. It allows cybercriminals to gain unrestricted access to personal data, opening the door to identity theft, financial fraud, and other malicious activities. What's even more alarming is that this backdoor is notoriously difficult to detect and eliminate, as it's deeply embedded in the device's firmware.

Experts warn that these compromised devices are not limited to a specific brand or model. In fact, they are spread across various manufacturers, making it a widespread issue that affects a broad spectrum of users. This has raised concerns about the supply chain integrity of these devices, prompting calls for stricter quality control measures.

The implications of this security breach are far-reaching. Families, individuals, and businesses alike are at risk of falling victim to cyberattacks, putting their sensitive information in the wrong hands. As we increasingly rely on smart technology for convenience and entertainment, the need for robust cybersecurity measures has never been more pressing.

To combat this threat, manufacturers, government agencies, and cybersecurity specialists are working nonstop. Users are being urged to exercise caution and maintain their devices patched with the most recent security updates. Customers are also encouraged to buy equipment from reliable vendors and to exercise caution when contemplating unofficial or off-brand retailers.

The discovery of the Android TV backdoor is a sobering reminder of how rapidly cybersecurity dangers are changing. Our attempts to protect our digital lives must grow at the same rate as technology. We can all work together to create a better and more secure digital future by remaining informed, implementing best practices, and supporting industry-wide initiatives.
Read more »
Smart TV
malware Samsung Smart TV

Samsung advised its smart TV customers to scan for malware




Samsung recently advised smart TV users’ to scan their devices regularly as it is susceptible to malware just like PCs.

The company tweeted through their US Support Twitter account but later deleted the tweet without any reason. 

The tweet read: “Scanning your computer for malware viruses is important to keep it running smoothly. This also is true for your QLED TV if it’s connected to Wi-Fi! Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks.”

The tweet also had a demonstration video showing how to scan your Samsung TV. 

This action has raised a question whether its smart TVs are vulnerable to virus attacks.

However, the firm clarified that the tweet was a response to a query made by a customer and nothing to worry. 

Scanning smart TV is really easy. Go to the settings menu on your Samsung TV and then select General. Click on System Manager and scroll down to Smart Security. 

Click on Smart Security, then select Scan and your Samsung TV will start scanning for viruses and malware.




Read more »
Subscribe to: Posts (Atom)