EUVD-2019-15573

Malware in sbrugna...

CVE-2019-11890

Sony Bravia Smart TV devices allow remote attackers to cause a denial of service device hang or reboot via a SYN flood attack over a wired or Wi-Fi LAN...

Apple tvOS Information Disclosure Vulnerability (CNVD-2021-84234)

Apple tvOS is a set of smart TV operating systems from the American company Apple Apple. An information disclosure vulnerability exists in Apple tvOS. The vulnerability arises from errors in configuration or other errors in the operation of a networked system or product. An unauthorized attacker...

CVE-2020-28055

A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to read & write to the /data/vendor/tcl, /data/vendor/upgrade, and...

CVE-2020-28055

A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to read & write to the /data/vendor/tcl, /data/vendor/upgrade, and...

CVE-2020-28055

CVE-2020-28055 affects TCL Android Smart TV series V8-R851T02-LF1 V295 and earlier, and V8-T658T01-LF1 V373 and earlier. A local, unprivileged attacker can read/write to /data/vendor/tcl, /data/vendor/upgrade, and /var/TerminalManager, enabling fake system upgrades by writing to /data/vendor/upgr...

(Pwn2Own) Samsung Q60 Smart QLED TV JavaScript Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Q60 Smart QLED TV. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(Pwn2Own) Sony X800G Smart TV Vewd Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony X800G Smart TV. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVE-2019-6005

CVE-2019-6005 affects Smart TV Box firmware versions prior to 1300 (KDDI) where enabling LAN access after changing initial network settings allows remote attackers to access Android Debug Bridge on port 5555/TCP. The underlying issue is an access control error (CWE-284) that bypasses restrictions...

Watch a Drone Take Over a Nearby Smart TV

Smart TVs continue to look dumber by the day...

Design/Logic Flaw

Sony Bravia Smart TV devices allow remote attackers to cause a denial of service device hang or reboot via a SYN flood attack over a wired or Wi-Fi LAN...

CVE-2019-11890

CVE-2019-11890 affects Sony BRAVIA Smart TV devices. Connected sources confirm a remotely triggerable Denial of Service via a SYN flood over wired or Wi‑Fi LAN that can cause the TV to hang or reboot. The vulnerability targets the TV’s network handling; specific root cause, vulnerable components,...

CVE-2019-11889

CVE-2019-11889 affects Sony BRAVIA Smart TVs; multiple sources confirm a remote denial-of-service condition triggered by a crafted web page via HbbTV. The NVD entry lists CVSS v3.0 score 7.5 (Network, High impact on Availability, no confidentiality/ integrity impact) and CVSS v2.0 similar impact....

Sony BRAVIA Smart TV Denial Of Service

ADVISORY INFORMATION TITLE: Two vulnerabilities found in Sony BRAVIA Smart TVs ADVISORY URL: CVE-2019-11889 https://www.darkmatter.ae/xen1thlabs/sony-remote-denial-of-service-triggered-over-vulnerability-hbbtv-xl-19-014/ CVE-2019-11890...

Smart TV and then exposed vulnerabilities--Supra Smart Cloud TV vulnerability can cause the device to be hijacking-vulnerability warning-the black bar safety net

An attacker can take advantage of a smart TV vulnerability, the attack connected to the home router to get remote access. Supra smart TV in a not patched the vulnerability so that the same Wi-Fi network, the attacker can hijack the TV device, play their own content, such as a fake emergency...

Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion

Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References: https://nvd.nist.gov/vuln/detail/CVE-2019-12477...

Smart-TV Bug Allows Rogue Broadcasts

An unpatched vulnerability in smart TVs would allow attackers on the same Wi-Fi network to hijack the TV set to broadcast their own content – including, potentially, fake emergency broadcast messages. Discovered by security researcher Dhiraj Mishra, the flaw CVE-2019-12477 is found in the SUPRA...

SUPRA Smart TV Flaw Lets Attackers Hijack Screens With Any Video

I have said it before, and I will say it again — Smart devices are one of the dumbest technologies, so far, when it comes to protecting users' privacy and security. As more and more smart devices are being sold worldwide, consumers should be aware of security and privacy risks associated with the...

CVE-2019-11336

Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password used when the TV is acting as an access point by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886...

CVE-2019-11336

Summary (CVE-2019-11336) : Sony Bravia/Smart TV devices running the Photo Sharing Plus feature are vulnerable to an information-disclosure issue. The vulnerability allows remote attackers (within network range) to retrieve the TV’s static Wi‑Fi password used when the TV acts as an access point, v...