9萬臺LG智慧電視存在漏洞,攻擊者有機會遠端執行任意命令
· 2024-04-10
LG近期針對旗下執行WebOS作業系統的智慧電視發布修補程式,發現並通報漏洞的資安業者Bitdefender指出,從而在電視上擅自增加額外的使用者;這些弱點有可能被串連利用,使得攻擊者能夠遠端執行任意命令
資安業者Bitdefender在調查LG智慧電視的安全時,發現其搭載的作業系統WebOS存在4項漏洞,並指出這些漏洞影響執行4.9.7至7.3.1等多個版本WebOS的電視,有91,938臺可從網際網路存取的電視曝險。
研究人員指出,這些漏洞可被串連利用。第1個漏洞是CVE-2023-6317,允許攻擊者繞過WebOS的授權機制,從而在電視上植入額外的使用者;第2個CVE-2023-6318為權限提升漏洞,攻擊者能藉此取得root權限,完全接管裝置;另外兩個漏洞CVE-2023-6319、CVE-2023-6320是命令注入漏洞,CVE-2023-6319涉及顯示歌詞的程式庫,而CVE-2023-6320則與特定的API端點有關。
值得留意的是,上述漏洞幾乎都是危急等級、CVSS風險評分達9.1的漏洞,僅有CVE-2023-6317為高風險等級,CVSS風險評分為7.2。對此,研究人員於去年11月通報,LG在今年3月22日發布修補程式。
Popular articles
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
1spin4win releases unique slot Don Catleone Hold and Win featuring gangster cats
Online Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
