New vulnerabilities have been discovered in LG TVs that could allow unauthorised access to the devices’ root systems, possibly exposing thousands of units worldwide.
The finding, made as part of Bitdefender’s continuing inspection of the popular Internet of Things (IoT) technology, focuses on vulnerabilities in WebOS versions 4-7, which are used in LG sets.
The detected flaws allow unauthorised access to the TV’s root system by circumventing the permission process.
Despite its intended use for LAN access only, Shodan, an internet-connected device search engine, has identified over 91,000 devices that expose this service to the internet.
Among the uncovered flaws, CVE-2023-6317 stands out because it allows attackers to bypass authorization methods, allowing unauthorised access to the TV’s root system. Additionally, CVE-2023-6318 enables attackers to extend their access to root privileges, heightening the security risk.
Furthermore, CVE-2023-6319 allows for the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: