April 9, 2024 at 04:58PM
Researchers at Bitdefender have identified four vulnerabilities in LG webOS, affecting various smart TV models and exposing around 91,000 devices. These bugs include command injection, privilege escalation, and bypass vulnerabilities, tracked as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320. LG released security updates after being alerted in November 2023. Users should check for updates to address the vulnerabilities.
Based on the meeting notes, the key takeaways are:
– Bitdefender researchers discovered four vulnerabilities in LG webOS, affecting multiple models of its smart television line.
– Approximately 91,000 exposed devices are vulnerable to these bugs despite being intended for local area networks.
– The vulnerabilities include command injection, privilege escalation, and bypass issues and are tracked as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320.
– The impacted webOS versions and models are detailed in the notes.
– LG was informed of the vulnerabilities in November 2023, and they released security updates last month.
– Affected users who have not received alerts about the vulnerabilities or updates should navigate to “Settings,” “Support,” “Software Update,” and then select “Check for Update” on their TVs.
These takeaways highlight the severity of the vulnerabilities and the steps necessary for affected users to secure their devices.