LG has rolled out patches to address critical security vulnerabilities in all 4 models of smart TVs running webOS. These models include LG43UM7000PLA, OLED55CXPUA, OLED48C1PUB, OLED55A23LA, with approximately 91,000 impacted devices, primarily in South Korea but also in other countries, including Thailand.
The vulnerability was discovered by Bitdefender, where hackers can access the root and control the TV at an OS level through the ThinQ app on mobile phones, bypassing the PIN entry to gain high-level privileges. However, the exploit has limitations as both the smart TV and mobile phone must be on the same network for the initial connection, which helps limit the extent of damage.
LG has stated that this firmware package will update automatically, but concerned users can manually check for updates through the TV’s Settings to see if the firmware has been applied.
Source: Bitdefender, Ars Technica
TLDR: LG has released patches to address security vulnerabilities in webOS smart TVs, discovered by Bitdefender, allowing hackers to control the TV OS through the ThinQ app on mobile phones. Firmware updates are available, with automatic updates or manual checks through TV Settings.
Leave a Comment