Samsung Smart TV Wi-Fi Direct Improper Authentication

Samsung Smart TVs running Tizen OS are prone to a security vulnerability that allows an attacker to impersonate a trusted device to obtain unrestricted access without authentication when connected via Wi-Fi Direct.

Researchers at Neseso which is an independent security consulting company with more than 10 years of experience in security research and vulnerability assessment told about the problem . 

According to Researchers , the problem lies in the implementation of authentication with Wi-Fi Direct technology, which is used in Samsung TVs. This mechanism allows users to not to authenticate every time, instead the TV can be "paired" with any trusted device whose MAC-address eventually gets added to the white list. The user will be notified that the device is connected from the white list from the TV, but no further authentication is required.

Once connected the attacker have access to all the services provided by the TV, such as remote control service or DNLA screen mirroring. If any of the services provided by the Smart TV, once connected using WiFi-Direct, is vulnerable the attacker could gain control of the Smart TV or use it to pivot and gain access to the network where the Smart TV is connected to. 

Interestingly, the Samsung representatives did not see this as any threat, in fact, allows you to completely bypass the authentication, the developers of Samsung conducted an investigation and found no problems in this functionality. 

Neseso recommends to remove all the white listed devices and avoid using the WiFi-Direct feature for the time being.