Sony Smart TV’s ….clearly not smart enough, or secure!
By Cameron Abbott and Jessica McIntosh
Security researchers at Fortinet have found flaws in eight Sony Bravia Smart TV models and consequently have got us all thinking…… just how vulnerable does having a smart TV make us?
According to Fortinet the flaws found can facilitate complete ‘remote code execution with root privilege’, in other words – those with a Sony Smart TV are left totally exposed to an attack!
The vulnerability lies in three separate bugs, a stack buffer overflow, a directory traversal and a command- injection bug, critically they are all tied to a Sony App which allows users to share multimedia content from their personal devices via their Sony TV. According to Fortinet, when a user uploads content, the App operates poorly and stores the file name incorrectly – this mishandling allows an attacker ‘to run arbitrary commands on the system’, in essence allows them control of the TV via the App.
Fortinet found the consequences of a compromised TV mean they could then be recruited into a botnet or be used as a springboard for additional attacks against devices that share the network – all an attacker needs is to be on the same Wi-Fi network as the TV – and we all know this is possible.
What’s even worse is that we are becoming increasingly numb to this, reports like these are happening far too often, daily even, and has left many of us believing serious security threats and attacks are simply part and parcel of smart technology – but why should they be?
As the number of smart TV’s increase so too does the number of vulnerabilities inside them, therefore we urge consumers to inform themselves about these vulnerabilities so active steps can be taken – that way you can ensure your so called Smart TV is not only smart but also secure.