The patch fixes a series of vulnerabilities that could give attackers total control over the unit.
Although the initial hack requires access to the user’s home internet, further exploitation could occur remotely.
Nearly 100,000 TVs could be affected.
Security researchers at Bitdefender havediscoveredfour severe vulnerabilities affecting four LG smart TVs.
According to Shodan, a search engine for internet-connected devices, around 91,000 TVs are potentially vulnerable.
However, establishing the account enables the other exploits to be used remotely.
From there, vulnerabilityCVE-2023-6318can allow someone to perform remote code execution and gain root access by sending certain requests.
Meanwhile, exploitCVE-2023-6319makes command injections possible by manipulating the system the TV uses for displaying song lyrics.
The last vulnerability,CVE-2023-6320, can enable remote code execution as a dbus user through specific requests.
Those using the impacted TVs should look for a firmware update in the options menu.
Internet-connected household appliances can provide hackers with an often-ignored attack surface, as they can suffer from severe vulnerabilities.
For example, last year, researchers found thatTP-Link smart light bulbscould leak Wi-Fi passwords.
