As many as 91,000 LG TVs are at risk of being taken over unless they receive a just-released security update that fixes four critical vulnerabilities discovered late last year.
The vulnerabilities were found in four LG TV models that collectively have just over 88,000 units worldwide, according to results returned by Shodan, a search engine for Internet-connected devices. The vast majority of these units are located in South Korea, followed by Hong Kong, the United States, Sweden and Finland. The models are:
- LG43UM7000PLA running webOS 4.9.7 – 5.30.40
- OLED55CXPUA running webOS 5.5.0 – 04.50.51
- OLED48C1PUB running webOS 6.3.3-442 (kisscurl-kinglake) – 03.36.50
- OLED55A23LA running webOS 7.3.1-43 (multiple) – 03.33.85
As of Wednesday, updates are available through the settings menu for these devices.
Got root?
According to Bitdefender – the security company that discovered the vulnerabilities – malicious hackers can exploit them to gain root access to the devices and inject commands that run at the operating system level. The vulnerabilities affect internal services that let users control their TVs from their phones; they allow attackers to bypass the authorization procedures designed to ensure that only authorized devices can use those capabilities.
“These vulnerabilities allow us to gain root access on the TV after bypassing the authorization mechanism,” Bitdefender researchers wrote Tuesday. “Although the vulnerable service is intended for LAN access only, Shodan, a search engine for Internet-connected devices, identified more than 91,000 devices that expose this service to the Internet.”
The main vulnerability that makes these attacks possible lies in a service that allows the TV to be controlled by LG's ThinQ smartphone app when both are connected to the same local network. The service was designed to require the user to enter a PIN to prove authorization, but a bug allowed someone to skip this verification step and become a privileged user. This vulnerability is tracked as CVE-2023-6317.
Once attackers have this level of control, they can continue to exploit three other vulnerabilities, specifically:
- CVE-2023-6318, which allows attackers to escalate their access to root
- CVE-2023-6319, which allows operating system commands to be injected by manipulating the library used to display music lyrics
- CVE-2023-6320, which allows an attacker to inject authenticated commands by manipulating the com.webos.service.connectionmanager/tv/setVlanStaticAddress API endpoint.