Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Philips smart TVs open to remote attacks via default wireless connection, researchers say

Lucian Constantin | March 31, 2014
The latest firmware for some Philips smart TVs opens an insecure Miracast wireless network by default, security researchers from ReVuln said.

The directory traversal vulnerability in JointSpace was publicly disclosed in September by researchers from a Berlin-based security consultancy firm called Schobert IT-Security Consulting. The flaw doesn't appear to have been fixed by Philips and still exists in the latest firmware version -- 173.46, according to the ReVuln researchers.

However, even if this vulnerability is patched, the insecure Miracast wireless network still enables other attacks, like transmitting attacker-controlled video and audio content to the TV or remotely controlling the TV through an external application.

"We recognize the security issue as reported by ReVuln linked to Miracast on the high-end 2013 Philips Smart TVs," said Eva Heller, head of global communications at TP Vision, a joint venture between Philips and TPV Technology that manufactures and sells Philips-branded TVs, in an emailed statement. "Our experts are looking into this and are working on a fix."

TP recommends that, in the meantime, consumers switch off the Wi-Fi Miracast function of the TV. To do this, they need to press the HOME button, navigate to Setup, select Network Settings, navigate to Wi-Fi Miracast and set that to OFF.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.