Flaw in Samsung Smart TVs Allows Attackers to Remotely Access Devices

ReVuln researchers have identified a zero-day that can be used to cause serious damage

By on December 11th, 2012 09:29 GMT

Security researchers from ReVuln have published a video to show how a remote attacker can leverage vulnerabilities in Samsung Smart TVs to access sensitive information, monitor the devices, and even gain control over them.

The video shows how an attacker can access files and other information, including TV settings and channel lists, SecureStorage accounts, widgets, history of movies played from a USB device, IDs, and firmware passwords.

The security hole even allows cybercriminals to read information from attached USB devices and remotely control the TV. Even worse, the flaw can be exploited to install malicious software.

The demonstration has been performed on a Samsung TV LED 3D, but the experts have told SC Magazine that they’ve tested the attack vector on various Samsung televisions.

They haven’t provided any details, but they claim that most of the devices running the latest version of the firmware are affected by this flaw.