Samsung Smart TV Bug Allows Remote Access, Root Privileges

It turns out that some smart TVs are a little too smart for their own good–and the good of users. Some specific models of Samsung TVs that have Wi-Fi and other advanced capabilities have a flaw that enables an attacker to take a variety of actions on the TV, including accessing potentially sensitive data, remote files and information, the drive image and eventually gain root access to the device.

It turns out that some smart TVs are a little too smart for their own good–and the good of users. Some specific models of Samsung TVs that have Wi-Fi and other advanced capabilities have a flaw that enables an attacker to take a variety of actions on the TV, including accessing potentially sensitive data, remote files and information, the drive image and eventually gain root access to the device.

The issue affects many Samsung TVs, and the researcher who discovered the problem found that he could remotely access the remote control for the TV, retrieve files located on any USB drive attached to the TV and even install malicious software on the TV. Samsung produces a line TVs that have a variety of advanced capabilities, including the ability install apps such as Pandora, Skype and others. The TVs can be controlled by voice commands and by apps running on some Samsung phones and tablets. 

And now, they also can be controlled by attackers.

Luigi Auriemma, one of the founders of ReVuln, a security consultancy and research firm that discovers and sells zero-day vulnerabilities, found that the flaw in the Samsung smart TVs can be leveraged for a variety of different actions, most notably to gain root access to the vulnerable TV. ReVuln, as a matter of policy, doesn’t disclose vulnerabilities to vendors, but the company posted a video demonstration of the exploit for the Samsung TVs in action.

This is not the first time that Auriemma has taken aim at TVs. Earlier this year, he was looking for a way to reprogram the remote control for his brother’s Samsung TV when he stumbled upon a bug that enabled him to cause the TV to restart endlessly. That Samsung TV flaw was also present in some Blu-Ray players and Auriemma said that he was able to cause the endless restart loop in that case by altering a field in a packet sent by a remote control to the TV.

“This one is a new undisclosed one found with and for my ReVuln company that allows access to files and partitions available on the TV from remote,” Auriemma said via email.

“The video shows also a couple of scenarios in which is possible to abuse of such vulnerability for stealing sensitive information or controlling the TV (with the possibility of installing malicious software on it using some features of Smart TVs).”

In the video demonstration of the latest flaw in the smart TVs, Auriemma is able to remotely access and modify files on the TV or attached USB drives, access the drive image for the TV and even access and modify the configuration information for the TV’s remote control.

Smart TVs recently have begun showing up in large numbers in the U.S. market, as manufacturers try to bridge the gap between the Web and home entertainment one more time. They offer consumers the ability to mix Web-based content (or what’s usually thought of as Web content) such as apps and news content with normal TV programming and video streaming. This has been tried in a variety of forms over the last 10 years, and rarely with any success. But the emergence of app-focused devices such as smartphones and tablets have made the idea of accessing this kind of content on other devices such as TVs less jarring for users.

Auriemma said the best option for owners of vulnerable Samsung TVs is to disable the online functionality.

ReVuln – The TV is watching you from ReVuln on Vimeo.

Suggested articles

Cybersecurity for your growing business
Cybersecurity for your growing business