THE TIMES OF HACKER

  • Home
  • Contact Us
Samsung Smart TVs running Tizen OS are prone to a security vulnerability that allows an attacker to impersonate a trusted device to obtain unrestricted access without authentication when connected via Wi-Fi Direct.

Researchers at Neseso which is an independent security consulting company with more than 10 years of experience in security research and vulnerability assessment told about the problem . 

According to Researchers , the problem lies in the implementation of authentication with Wi-Fi Direct technology, which is used in Samsung TVs. This mechanism allows users to not to authenticate every time, instead the TV can be "paired" with any trusted device whose MAC-address eventually gets added to the white list. The user will be notified that the device is connected from the white list from the TV, but no further authentication is required.

Once connected the attacker have access to all the services provided by the TV, such as remote control service or DNLA screen mirroring. If any of the services provided by the Smart TV, once connected using WiFi-Direct, is vulnerable the attacker could gain control of the Smart TV or use it to pivot and gain access to the network where the Smart TV is connected to. 

Interestingly, the Samsung representatives did not see this as any threat, in fact, allows you to completely bypass the authentication, the developers of Samsung conducted an investigation and found no problems in this functionality. 

Neseso recommends to remove all the white listed devices and avoid using the WiFi-Direct feature for the time being.
Older Posts Home

Search News

News

  • Arkansas JobLink Has Been Affected By A Security Incident.
  • Mastermind Hacker Adam Mudd Jailed for attacks on Sony and Microsoft
  • Uber is Spying On You - Apple IPhone Users
  • Hack In Paris Invites All The Hackers of The World
  • Hyundai Blue Link Application Software Potentially Expose Sensitive Information
  • Japanese Police Ask ISPs To Start Blocking Tor
  • Samsung Smart TV Wi-Fi Direct Improper Authentication
  • Ransomware Asks Extra Payment To Delete Files
  • Hard-coded Credential Flaw in Wireless Access Points Identified and Fixed
  • Hack In Paris 2015 Invites All Hackers .

Contact Form

Name

Email *

Message *

Powered by Blogger.

THE TIMES OF HACKER

About Us


The Times of Hacker is the InfoSec News Portal

Find By CATEGORIES

  • Hacker News (86)

Search News

Designed By OddThemes | Distributed By Blogger Templates