Having a smart TV is one of the great benefits of modern technology. This, of course, is when your TV connects to the internet and lets you access your streaming services and apps without the need for another external gadget.
The idea makes a lot of sense: Combine the best parts of a set-top box and a television into one super-machine. Smart TVs have undoubtedly changed the way many of us watch television.
However, if you own one of these smart televisions, you need to know about these three critical flaws that have recently surfaced.
Smart TV flaws
Do you own any of these Sony Bravia smart TV models? If so, you should check and update your firmware to the latest version now or risk having hackers take over your gadget.
Security researchers from Fortinet have disclosed three critical bugs on a certain Sony smart TV that would have allowed attackers to execute remote code with elevated privileges.
This means they could have exploited the flaws, then install malware on the sets to use them as part of a botnet or even infect other gadgets in a home network.
Fun fact: The first electronic product that Sony produced was a badly designed rice cooker. It was apparently so terrible that it almost always overcooked or undercooked the rice. Needless to say, it was a commercial flop. Thank God, the company was able to steam back from that hot mess.
Affected Bravia models include the following:
The worst bug is a high severity bug in Sony’s Photo Sharing Plus application that can be exploited remotely without authentication by attackers who are on the same network as the TV. This could lead to remote code execution with elevated root privilege. This means that hackers who can manage to hop into your Wi-Fi home network can remotely take over your Bravia TV.
Note: Photo Sharing Plus is a stock Sony app that allows you to share photos and videos from your smartphone or tablet to your Bravia TV.
Another bug in Photo Sharing Plus is a directory traversal flaw that could allow an attacker to access your smart TV’s files. With this flaw, an attacker can upload a maliciously crafted file and have access to the smart TV’s entire file system.
The last bug in Photo Sharing Plus is a stack buffer overflow flaw that can lead to memory corruption. This stems from a Bravia TV’s insufficient size checking of user inputs.
Fortinet reportedly informed Sony about these flaws back in March. Sony confirmed the issues and began rolling out the firmware updates on June 1.
Here’s what to do
If you own any of the Sony TVs that are listed, please make sure you have the latest firmware installed in your Bravia smart TV.
Here the firmware versions you have to be in:
|TV Series||Firmware version required|
|R5C||v8.588 or later|
|WD75 and WD65||v8.215 or later|
|XE70 and XF70||v8.674 or later|
|WE75, WE6 and WF6||v8.414 or later|
By default, your Sony Bravia TV downloads and installs the latest firmware updates automatically. If not here’s how to check:
- Press the HELP button on your remote or open your TV’s Settings page >> Device >> System Update
- On the TV menu that appears, scroll down and select System software update
- Select “Check for a system software update”
- If there’s an update available, your TV will walk you through the update process.
Smart TV privacy is still a concern
Fortinet admits that although the security of smart TVs is improving, privacy issues still remain. Consumers should be aware of any user agreement updates that tend to expand the data collection activities of these connected TVs.
Before you purchase a smart TV (or if you already have one), make sure that you check its privacy settings and how it collects your viewing data. The ultimate solution against these privacy concerns is simple but maybe impractical — disconnect your smart TV from the internet. This, of course, renders features that rely on an internet connection, like streaming video services and weather apps, totally useless and may not be a viable option for some people.
How to protect yourself against smart TV hacks
If you’re really worried about the security implications of this emerging world of web-connected “Internet of Things” appliances, maybe just stay away from purchasing them altogether. If you think the convenience of having these smart gadgets is not worth the risk, then it’s your choice to keep them out of your home.
However, for average consumers who still want to take advantage of the benefits of current technology while keeping safety and privacy a priority, the best defense is to keep all your smart gadgets patched with the latest firmware.
Are you watching TV or is it watching you? Can the new generation of smart TV’s be hacked? Listen to this free Komando Consumer Tech Update podcast and find out.