Sony is under the scanner after many models of its popular Smart TVs were found containing two major vulnerabilities. These security flaws were discovered by DarkMatter’s xen1thLabs team recently.
As per the two advisories released by the team, the flaws were found in an application called Photo Sharing Plus which is featured in Smart TVs that were running Android. Attackers could have abused these flaws to steal Wi-Fi passwords as well as photos stored in the TVs.
The big picture
What actions were taken - In its advisories, xen1thLabs mentions that these flaws were discovered in October 2018. The team reported the flaws to Sony in a bug bounty program. After a series of interactions, Sony confirmed the patches for these flaws and has altogether removed the app on affected TV models.
How to stay safe - Users of the affected Smart TV models are advised to update to the latest firmware. The affected models can be found here.