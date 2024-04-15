HOMEADVERTISESubscribeCONTACT
LG Finally Has A Patch For Their Vunerable TV's

By | 15 Apr 2024

LG Australia, have still not responded to questions about the vulnerability of the WebOS TV’s, that  for several years have allowed hackers, to easily access a home network via the TV operating system, built into thousands of their OLED and none OLED TV’s however we have discovered that their South Korean engineers have released a fix to the problem for new and current models.

The high-risk problem has been present in their TVs since 2019 and despite LG Australia knowing about the problem, they have failed to communicate information to consumers despite the Company being known for churning out press releases.

LG Electronics have issued a  media statement in the USA and other parts of the world but not Australia.

Management claim in a statement obtained by ChannelNews  “Security being one of our highest priorities at LG, the necessary patches have already been completed in all countries. We can confirm all affected LG Smart TVs will no longer be at risk once the provided patches have been applied. We encourage all customers to apply the latest updates and advise they enable automatic software updates.”

A search of the support pages at LG Electronics Australia fails to reveal information for consumers relating to the issue which has been described as being “serious”.

LG claim that their entire TV lineup from 2019 onwards will need to be updated.

Normally LG apply updates automatically via over the air updates. This is the same way that they have moved to deliver software to their TV’s that deliver advertising to WebOS customers.

The severe security vulnerabilities, which relate to errors in the TVs’ system to communicate with LG’s ThinQ smartphone app, were discovered in November 2023 by Bitdefender and are only now being disclosed as LG moves to deliver patches.

The most vulnerable are homes whose TVs are connected to a custom installed home network especially ones that are still using Ethernet cable to connect a TV into the network.

Security researchers who discovered the problem said “We have found several issues affecting WebOS versions 4 through 7 running on LG TVs. These vulnerabilities let us gain root access on the TV after bypassing the authorization mechanism. Although the vulnerable service is intended for LAN access only, Shodan, the search engine for Internet-connected devices, identified over 91,000 devices that expose this service to the Internet,” Bitdefender said in a press release.

 

The vulnerable LG TVs are:

webOS 4.9.7 – 5.30.40 (LG models from 2019)

webOS 5.5.0 – 04.50.51 (LG models from 2020)

webOS 6.3.3-442 (kisscurl-kinglake) – 03.36.50 (LG models from 2021)

webOS 7.3.1-43 (mullet-mebin) – 03.33.85 (LG models from 2022)

 

Update: All LG TV models running these webOS versions are affected.



