More than 90,000 LG smart TVs are at risk of being remotely attacked by vulnerabilities in WebOS
Four vulnerabilities in the WebOS operating system running on LG smart TVs have been discovered by Bitdefender security researchers.
By exploiting these vulnerabilities, hackers can gain unauthorized access and control to varying degrees over the affected TV.
Hackers could exploit these vulnerabilities and use a service running on port 3000/3001, currently used to connect smartphones with a PIN, to create arbitrary accounts on the device.
Four vulnerabilities on LG's smart TVs identified by the research team include:
- CVE-2023-6317: Allows attackers to bypass the TV's permission mechanism and add users without user consent.
- CVE-2023-6318: Helps hackers gain root access after executing CVE-2023-6317.
- CVE-2023-6319: Command injection into the operating system and arbitrary command execution.
- CVE-2023-6320: Exploits the API to execute commands as the dbus user, a permission similar to root.
According to Bitdefender, there are about 91,000 LG devices affected by the vulnerability. Affected versions include:
- WebOS 4.9.7 - 5.30.40 running on TV series 43UM7000PLA
- WebOS 04.50.51 - 5.5.0 on OLED55CXPUA TV.
- WebOS 0.36.50 - 6.3.3-442 on OLED48C1PUB.
- WebOS 03.33.85 - 7.3.1-43 on OLED48C1PUB, OLED55A23LA.
Bitdefender said it notified LG after discovering the vulnerability late last year. However, it wasn't until the end of March that LG released the first update to fix the problem. Users can go to Settings > Support > Software Update > Check for updates.
LG has not yet commented.
According to Bleeping Computer, bad guys can take advantage of security issues on TVs as a point to attack other devices connected to the same network, steal online accounts, and create botnets (ghost computer networks) for attack methods. Denied DDoS service or silently installed cryptocurrency mining software.
You should read it
May be interested
- Nuca Camera: Controversial 'undressing' AI camerathe nuca camera prototype is equipped with a 37 mm lens and internet connectivity and uses ai to turn the person in the photo from clothed to nude.
- 5 Best Procreate Alternatives for Windowsto the detriment of many pc users, there is no procreate for windows. however, that doesn't mean you can't find a similar experience in other drawing programs.
- How to write mathematical formulas in Word very easilythere are 6 most popular ways to insert mathematical formulas in word: mathmagic, mathcast, equation, ink equation and math type. with word's built-in math formula writing tool, equation, you can insert the most common math formulas. ink equation helps write formulas faster, and if you need complex and diverse symbols, mathtype is your choice.
- Will there be Snapdragon X Plus with 5G Modem for Windows?previously, there was news that qualcomm is not only launching the snapdragon x elite chipset for windows pcs but is also developing a new variant called 'snapdragon x plus'.
- These are applications that can block you from upgrading to Windows 11 24H2 version24h2 will be the only major system update of windows 11 in 2024. this update is expected to be released around the end of the year.
- How to summarize YouTube videos using Geminigoogle gemini will also help you summarize videos like summarizing youtube videos on copilot. we will enable the youtube widget on gemini to use video content summaries.