image credit: Pexels

Over 91,000 LG smart TVs running webOS are vulnerable to hacking

April 9, 2024

Bitdefender researchers discovered multiple vulnerabilities in LG webOS running on smart TVs that could be exploited to bypass authorization and gain root access on the devices.

The vulnerabilities discovered by the researchers impact WebOS versions 4 through 7 running on LG TVs.

“WebOS runs a service on ports 3000/3001 (HTTP/HTTPS/WSS) which is used by the LG ThinkQ smartphone app to control the TV. To set up the app, the user must enter a PIN code into the display on the TV screen.” reads the advisory. “An error in the account handler lets an attacker skip the PIN verification entirely and create a privileged user profile.”

Read More on Security Affairs