Threatpost – (International) Samsung smart TV bug allows remote access, root privileges. Some specific models of Samsung TVs that have Wi-Fi and other advanced capabilities have a flaw that enables an attacker to take a variety of actions on the TV, including accessing potentially sensitive data, remote files and information, the drive image, and eventually gain root access to the device. The issue affects many Samsung TVs, and the researcher who discovered the problem found that he could remotely access the remote control for the TV, retrieve files located on any USB drive attached to the TV and even install malicious software. One of the founders of ReVuln, a security consultancy and research firm that discovers and sells zero-day vulnerabilities, found that the flaw in the Samsung smart TVs can be leveraged for a variety of different actions, most notably to gain root access to the vulnerable TV. ReVuln, as a matter of policy, does not disclose vulnerabilities to vendors, but the company posted a video demonstration of the exploit for the Samsung TVs in action.
Ali Loney, on December 12, 2012