Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11More than 90,000 LG smart TVs are at risk of being remotely attacked by vulnerabilities in WebOS
Four vulnerabilities in the WebOS operating system running on LG smart TVs have been discovered by Bitdefender security researchers.
By exploiting these vulnerabilities, hackers can gain unauthorized access and control to varying degrees over the affected TV.
More than 90,000 LG smart TVs are at risk of being remotely attacked by vulnerabilities in WebOS Picture 1
Hackers could exploit these vulnerabilities and use a service running on port 3000/3001, currently used to connect smartphones with a PIN, to create arbitrary accounts on the device.
Four vulnerabilities on LG's smart TVs identified by the research team include:
- CVE-2023-6317: Allows attackers to bypass the TV's permission mechanism and add users without user consent.
- CVE-2023-6318: Helps hackers gain root access after executing CVE-2023-6317.
- CVE-2023-6319: Command injection into the operating system and arbitrary command execution.
- CVE-2023-6320: Exploits the API to execute commands as the dbus user, a permission similar to root.
According to Bitdefender, there are about 91,000 LG devices affected by the vulnerability. Affected versions include:
- WebOS 4.9.7 - 5.30.40 running on TV series 43UM7000PLA
- WebOS 04.50.51 - 5.5.0 on OLED55CXPUA TV.
- WebOS 0.36.50 - 6.3.3-442 on OLED48C1PUB.
- WebOS 03.33.85 - 7.3.1-43 on OLED48C1PUB, OLED55A23LA.
Bitdefender said it notified LG after discovering the vulnerability late last year. However, it wasn't until the end of March that LG released the first update to fix the problem. Users can go to Settings > Support > Software Update > Check for updates.
LG has not yet commented.
According to Bleeping Computer, bad guys can take advantage of security issues on TVs as a point to attack other devices connected to the same network, steal online accounts, and create botnets (ghost computer networks) for attack methods. Denied DDoS service or silently installed cryptocurrency mining software.
Micah SotoYou should read it
- What is a Smart TV?
- Top 5 best Smart TVs of 2023
- 8 VPNs that can be used on Smart TVs
- This is why you should use smart lights
- The difference between Smart TV and Internet TV
- How is it called 'smart device'?
- 12 'must-have' devices for smart home (Smart Home)
- 4 best smart glasses in 2019
- What is Smart Home Smart Home?
- Top 6 best smart monitors of 2019
- How to turn off user tracking on Smart TV of Vizio, LG ...
- Top 5 Best Smart TVs 2021
Tech info
Nuca Camera: Controversial 'undressing' AI camera- 5 Best Procreate Alternatives for Windows
- How to write mathematical formulas in Word very easily
- Will there be Snapdragon X Plus with 5G Modem for Windows?
- These are applications that can block you from upgrading to Windows 11 24H2 version
- How to summarize YouTube videos using Gemini
Nuca Camera: Controversial 'undressing' AI camera
5 Best Procreate Alternatives for Windows
How to write mathematical formulas in Word very easily
Will there be Snapdragon X Plus with 5G Modem for Windows?
These are applications that can block you from upgrading to Windows 11 24H2 version
How to summarize YouTube videos using Gemini