Recent security researchers from the company ReVuln have published a demonstration video that demonstrates that her Smart TVs Philips are prone to attacks in cyberspace.
Σύμφωνα με τους ερευνητές, ορισμένες εκδόσεις των Philips Smart TV με την τελευταία αναβάθμιση του firmware εκτός του ότι αφήνουν ορθάνοιχτες πύλες στους hackers they are also vulnerable to cookie theft.
The error it comes from a feature of devices called Miracast, and allows TVs to act as a hotspot with a hard-coded WiFi password. Miracast allows nearby devices to connect to the device to receive the display signal, according to the THN..
“The main problem is that Miracast uses a fixed password, it doesn't need a PIN number and, moreover, it doesn't ask permission to allow the incoming connection,” Luigi Auriemma, CEO and security researcher at ReVuln, told SCMagazine.
The vulnerability allows an attacker within the Wi-Fi range of the device to access different functions. A potential intruder may:
- To gain access to archives TV settings
- Access files stored on USB devices connected to the TV
- Change what the victim sees on the screen with videos or images of his choice
- Control the TV via a remote control application
- And something also important to steal cookies that contain identity data from the TV browser
"So basically you just connect directly to the TV via WiFi, without restrictions. The Miracas feature is enabled by default and the password cannot be changed, "said Luigi.
Researchers tested vulnerability in a Philips 55PFL6008S model, but believe that many 2013 models are also affected because they run with the same firmware.
Philip says: "Our experts are looking into the matter and working to find a solution. In the meantime, we encourage our customers to turn off the device's Miracast feature until the firmware is updated. ”
