LG TVs at Risk of Security Vulnerabilities
A recent study conducted by Bitdefender has revealed a potential security threat associated with LG TVs, specifically those running on the LG WebOS TV operating system versions 4 through 7. These TVs are susceptible to security vulnerabilities that could be exploited by cybercriminals to gain unauthorized access and conduct surveillance on users.
One of the critical vulnerabilities identified, tracked as CVE-2023-6317, allows hackers to bypass the TV’s authorization mechanisms and add themselves as a user on the device. Subsequently, by leveraging another vulnerability, tracked as CVE-2023-6318, attackers can gain complete control over the TV, opening the door for the execution of command injections.
Moreover, by exploiting additional vulnerabilities designated as CVE-2023-6319 and CVE-2023-6320, threat actors can manipulate a music lyrics library to facilitate OS command injections or manipulate a specific API endpoint to inject authenticated commands, further compromising the device’s security.
The affected LG TV models include LG43UM7000PLA running webOS 4.9.7 – 5.30.40, OLED55CXPUA running webOS 5.5.0 – 04.50.51, OLED48C1PUB running webOS 6.3.3-442 (kisscurl-kinglake) – 03.36.50, and OLED55A23LA running webOS 7.3.1-43 (mullet-mebin) – 03.33.85. A patch has been released to address these vulnerabilities, with availability for the affected models starting from April 10. Users are advised to check the OS system version of their LG TVs to ensure that the patch has been successfully installed, mitigating the risk of exploitation.
Triple escalation of vulnerabilities
Discoveries by cybersecurity researchers indicate that the LG WebOS TV operating system versions 4 through 7 are plagued with security vulnerabilities that could potentially enable malicious actors to infiltrate users’ devices. These vulnerabilities, if exploited, can compromise user privacy and expose sensitive data to cybercriminals, emphasizing the importance of timely patching and security updates.
It is crucial for LG TV owners to prioritize the security of their devices by promptly applying software updates and patches to mitigate the risks posed by these vulnerabilities. By staying proactive and vigilant about cybersecurity threats, users can safeguard their privacy and ensure the integrity of their connected devices.
Ensuring the security of smart TVs and other IoT devices is paramount in today’s digital landscape, where cyber threats continue to evolve and target connected gadgets. By raising awareness about potential security risks and advocating for cybersecurity best practices, consumers can better protect themselves against emerging threats and vulnerabilities.