CyberSecurityBoard
Sponsor Register Login

LG releases updates for vulnerabilities that could allow hackers to gain access to TVs

Four new vulnerabilities affecting thousands of LG TVs have been found by researchers who said the issues could allow hackers to add themselves as users and take other actions.
Researchers from cybersecurity firm Bitdefender said the bugs - three of which carry a 9.1 out 10 severity rating - center on LG WebOS, the software that comes on most LG TVs. The vulnerabilities affect WebOS versions 4 through 7.
LG did not respond to requests for comment but released patches for the vulnerabilities as part of a software update on March 22.
Each of the vulnerabilities allows hackers to take a different action.
CVE-2023-6317 helps an attacker add an extra user to the TV set while CVE-2023-6318 allows a hacker to elevate the access they gained with the first bug and fully take over a device.
Two other bugs - CVE-2023-6319 and CVE-2023-6320 - allow attackers to drop malware on the device, monitor traffic or move throughout a smart home network.
Bitdefender researchers said a search on security tool Shodan initially showed that more than 91,000 LG devices around the world are exposed to the internet and vulnerable to these four bugs.
Since the publication of the report, that number has dropped to around 87,500 - more than half are located in South Korea, but thousands are also in Finland, Sweden, the U.S. and Hong Kong.
Bitdefender said it disclosed the issues to LG on November 1 and the company confirmed the issues two weeks later.
LG asked for an extension in December before patching the vulnerabilities last month.
Bitdefender noted that the vulnerabilities were found as part of a larger effort by the company to examine the security of popular IoT hardware.
IoT devices have become a popular target for hackers who often add exposed devices to powerful botnet networks that facilitate larger, more devastating attacks.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.


This Cyber News was published on therecord.media. Publication date: Tue, 09 Apr 2024 15:20:14 +0000


Cyber News related to LG releases updates for vulnerabilities that could allow hackers to gain access to TVs

Over 90,000 LG Smart TVs may be exposed to remote attacks - Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs. The flaws enable varying degrees of unauthorized access and control over affected models, ...
11 months ago Bleepingcomputer.com CVE-2023-6317 CVE-2023-6318 CVE-2023-6319 CVE-2023-6320
LG releases updates for vulnerabilities that could allow hackers to gain access to TVs - Four new vulnerabilities affecting thousands of LG TVs have been found by researchers who said the issues could allow hackers to add themselves as users and take other actions. Researchers from cybersecurity firm Bitdefender said the bugs - three of ...
11 months ago Therecord.media CVE-2023-6317 CVE-2023-6318 CVE-2023-6319 CVE-2023-6320
Apple Releases Updates for Older Devices in 2021 - Apple released updates to many of its older devices in 2021, including the iPhones, iPads, and Macs. The updates are to address security vulnerabilities that were discovered in the company's older devices. Apple has previously released several ...
2 years ago Thehackernews.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
Chinese Hackers Hijack Software Updates to Install Malware - In order to obtain unauthorized access and control, hackers take advantage of software vulnerabilities by manipulating updates. By corrupting the updates, hackers can disseminate malware, compromise user data, and build backdoors for future attacks. ...
1 year ago Gbhackers.com
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
1 year ago Bleepingcomputer.com
Vulnerability Recap 4/15/24: Palo Alto, Microsoft, Ivanti Exploits - Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users' data security. Multiple Vulnerabilities Discovered in LG WebOS Smart TVs. Type of vulnerability: Authorization bypass, ...
10 months ago Esecurityplanet.com CVE-2024-21894 CVE-2024-29990 CVE-2024-3383 CVE-2024-3400
Cyber Security News Weekly Round-Up - The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive. According to recent findings from Morphisec ...
10 months ago Cybersecuritynews.com CVE-2023-6317 CVE-2023-6320
Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
1 year ago Bleepingcomputer.com
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
1 year ago Bbc.com
January 2024 Patch Tuesday forecast: A Focus on Printing - This article aims to provide a quick summary of some of the latest trends, announcements, and changes associated with IT patch operations while looking at the upcoming Patch Tuesday and what software updates to expect. December 2023 Patch Tuesday ...
1 year ago Helpnetsecurity.com
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
2 years ago Thehackernews.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
8 months ago Securityweek.com Silence
Why Have Big Cybersecurity Hacks Surged in 2023? - Payments made to hackers who hold systems hostage for ransom increased by almost half through September, according to blockchain analytics firm Chainalysis Inc., totaling almost $500 million in payouts. In just the past few months, hackers have ...
1 year ago Bloomberg.com LockBit
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
1 year ago Therecord.media Qilin
Why you might not be done with your January Microsoft security patches - The January patching window for your firm has probably come and gone. Has it? While January included a huge release of patches, several releases in other months have provided more than one headache for the patch management community. These are the ...
2 years ago Csoonline.com CVE-2022-41099 CVE-2022-37966
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
CVE-2021-34527 - <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An ...
1 year ago
Hackers Fix Polish Train Glitch, Face Legal Pushback by the Manufacturer - In a recent cybersecurity incident, three Polish hackers achieved success in repairing the malfunctioning software of a train, initially serviced by independent repair shops for a regional rail operator. The narrative took a twist when accusations ...
1 year ago Hackread.com
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said. The hackers, dubbed Green Nailao, deployed ShadowPad ...
2 weeks ago Therecord.media
The Unlikely Romance of Hackers and Government Suitors - The annual Hack the Capitol event brings together a diverse group of scientists, hackers, and policymakers to educate congressional staffers, scholars, and the press about the most critical cybersecurity challenges facing our nation. Hack the Capitol ...
1 year ago Darkreading.com
Dozens of Bugs Patched in Apple TVs and Watches, Macs, iPads, iPhones - On Dec. 11, Apple released patches for dozens of vulnerabilities affecting iPhones, Macs, Apple TVs, Apple Watches, and its Safari browser. The long list includes 39 vulnerabilities fixed for macOS Sonoma version 14.2. Among them are CVE-2023-42914, ...
1 year ago Darkreading.com CVE-2023-42914 CVE-2023-42894 CVE-2023-42890 CVE-2023-42883 CVE-2023-42922 CVE-2023-42923 CVE-2023-42897
HackerOne paid ethical hackers over $300 million in bug bounties - HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. Thirty hackers have earned over a million USD for their submissions, and ...
1 year ago Bleepingcomputer.com Inception Hunters
How To Secure Your ManageEngine Software from Known Exploited Vulnerabilities Catalog - Software providers and IT systems administrators are always looking for ways to keep their networks safe. The ever-evolving threat landscape and increasing sophistication of malicious hackers make security a key concern. Among the many technologies ...
2 years ago Securityaffairs.com
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws - Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days. The total count of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and four ...
9 months ago Bleepingcomputer.com CVE-2024-30046

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)