Sony Smart TV flaws provide attackers with root privileges and ability remotely access devices

• One of the three bugs discovered, a critical vulnerability, could allow an attacker to run arbitrary commands on the system.
• If successfully exploited, the flaws could even allow attackers to hijack the targeted device and enslave it as part of a massive botnet.

Three severe vulnerabilities were discovered inSony Bravia smart TV models, of which one is considered to be a critical flaw. The models affected by these vulnerabilities are R5C, WD75, WD65, XE70, XF70, WE75, WE6 and WF6.

The critical vulnerability, assigned as (CVE-2018-16593), could allow an attacker to could conduct command-injection attacks. The flaw is directly related to a Sony application called Photo Sharing Plus, which allows users to transfer multimedia content from their phones or tablets to their Smart TVs.

“This application handles file names incorrectly when the user uploads a media file. An attacker can abuse such filename mishandling to run arbitrary commands on the system, which can result in complete remote code-execution with root privilege,” Fortinet researcher, Tony Loi said in a report.

Potential attacks

A successful attack could lead to attackers compromising TVs, and could even allow attackers the ability to hijack the targeted device and enslave it as part of a massive botnet. An attacker could also use the infected smart TV as an entry point to launch attacks on other smart home devices connected to the same network. However, in order to orchestrate such an attack, hackers would require access to the same network used by the targeted Sony smart TV.

Two severe bugs

Another vulnerability listed (CVE-2018-16594), was categorized as a directory traversal vulnerability. It could allow an attacker to upload an arbitrary file with a crafted file name (e.g.: .../.../) that can then compromise the entire device’s file system.

The third bug listed as (CVE-2018-16595) is a stack buffer overflow vulnerability. According to Fortinet researchers, this bug exists due to insufficient size checking of user input, which in turn results in memory corruption.

Sony issued patches

Fortunately, Sony alreadyissued patches for the vulnerabilities on June 1, as Over-the-Air (OTA) updates. Users who have enabled automatic updates should already have received the updates. For those who prefer to update manually, it is recommended that you manually update the firmware from the settings section to remain safe from the potential attack.

An increasing number of SmartTVs have been manufactured and sold across the globe over the past few years. As their popularity grows, so does the risk of potential attacks. Meanwhile, Sony is not the only tech giant to have discovered flaws in its smart TVs. Earlier this month, Consumer Reports issued a report detailing vulnerabilities found in Samsung smart TVs. According to the report, the vulnerability could allow hackers to change TV channels, turn up the volume, play unwanted YouTube videos, or kick the TV off a WiFi connection.