Researchers disclosed multiple smart TV vulnerabilities affecting LG webOS and Samsung Tizen OS, showing that consumer televisions can be compromised for deep system access. Bitdefender reported four flaws in LG webOS versions 4 through 7—CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320—that can let attackers bypass authorization, create a privileged account, inject commands, and escalate privileges to root. The attack surface was amplified by Internet exposure: the vulnerable LG control service was intended for LAN use, but more than 91,000 devices were reportedly visible via Shodan. LG confirmed the issues after notification and released fixes before public disclosure.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
5 events from the most recent confirmed update back to the earliest known activity.
Calif published a report titled "Codex Hacked a Samsung TV," documenting a Samsung TV compromise and adding further public technical information about attacks against Samsung television platforms. The article represents a separate disclosure event from the earlier Tizen research.
Bishop Fox released research on Samsung Tizen OS affecting versions through 9.0, adding public technical detail about security issues in Samsung smart TV software. The publication marked a new disclosure event for Samsung's TV platform.
On April 9, 2024, Bitdefender publicly disclosed technical details of four LG webOS vulnerabilities that could allow attackers to take over TVs, including root-level command execution. Reporting noted that more than 91,000 devices appeared exposed to the Internet via the affected LAN-oriented service.
LG confirmed the reported vulnerabilities and released fixes on March 22, 2024. The patched issues included CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320.
Bitdefender identified four vulnerabilities affecting LG webOS TV versions 4 through 7 and notified LG in November 2023. The flaws could be chained to bypass authorization, create a privileged user, and execute commands as root on affected televisions.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
4 references tracked. Mallory keeps watching after this page renders.
blog.calif.io
Open sourcebishopfox.com
Open sourcethehackernews.com
Open sourcebitdefender.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.