LG TVs Under Threat: Critical Update Released

Z Patel

Smart TVs are the center of digital entertainment. They are the connectivity nexus for smart devices, services, and components. Recently, LG finds itself at the center of a cybersecurity storm as vulnerabilities in their popular TVs pose a serious threat to users.

A significant security concern has emerged for LG TV owners, with nearly 91,000 units globally at risk of unauthorized takeover. These vulnerabilities, identified in four LG TV models, were discovered late last year and prompted the release of a crucial security patch(es).

What’s Happening & Why This Matters

The affected models are widely used across South Korea, the United States, and several other countries. Affected models span different versions of LG’s webOS platform. The issue was unearthed by Bitdefender, a leading security firm, which found that these vulnerabilities could allow hackers to gain root access to the TVs. With root access, hackers can execute commands at the OS level that bypasses authentication measures.

This breach could potentially let attackers control the TVs remotely which poses significant privacy and security risks to users. The primary vulnerability, tracked as CVE-2023-6317, lies in a service intended for LG’s ThinkQ app; ThinkQ allows TVs to be controlled via smartphones. An error in this service could let an unauthorized user bypass the PIN code verification to gain privileged user status.

LG is one of most popular television brands worldwide. credit: business insider

Following this initial breach, attackers could exploit additional vulnerabilities to elevate their access further and inject malicious commands. These include CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320, each allowing for different methods of attack such as command injection and manipulation of specific application interfaces. Researchers cannot verify if attached devices (i.e., streaming devices, set-top boxes, gaming consoles) can be affected also.

TF Summary: What’s Next

In response to the vulnerability discovery, starting Wednesday, LG is rolling out updates for the affected models available through the TVs’ settings menu. LG is urging users to apply these updates immediately to protect their devices from potential attacks.

LG”s resolution of the issue shows cybersecurity risks extended to any and all smart devices. This incident highlights the friction between technology advancements and cybersecurity threats. Our homes are more connected than ever. Our reliance on smart devices remains a critical concern. Device manufacturers and users must stay vigilant by prioritizing updates and maintaining robust security practices to safeguard against such vulnerabilities. Security is a moving target — evolving and never stagnant.

Share This Article
Avatar photo
By Z Patel “TF AI Specialist”
Zara ‘Z’ Patel stands as a beacon of expertise in the field of digital innovation and Artificial Intelligence. Holding a Ph.D. in Computer Science with a specialization in Machine Learning, Z has worked extensively in AI research and development. Her career includes tenure at leading tech firms where she contributed to breakthrough innovations in AI applications. Z is passionate about the ethical and practical implications of AI in everyday life and is an advocate for responsible and innovative AI use.
Leave a comment