A vulnerability has been identified in several models of Samsung network-enabled TVs that could make them susceptible to attacks over their LAN (local area network).
The vulnerability was detected by Luigi Auriemma, an independent researcher, and would allow potential attackers to put the television sets into a endless restart loop that would require intervention by a technician. He tested the bug on a Samsung D6000 TV set that had the latest firmware updates installed. The bug itself is located on TCP port 55000 in the protocol that allows the TV to be remotely controlled by an iOS or Android app.
Getting access to a LAN that the TV set was connected to would allow a potential attacker to lock down the TV in an endless loop. Auriemma identified several other models of TV set from Samsung as well as Blu-ray players that use the same protocol, which also puts them at risk. He lists the TVs and Blu-ray players as follows but stresses that he has not been able to test these to confirm whether they have the same vulnerability.
– TV released in 2010 with Internet@TV feature
Models greater than or equal to LCD 650, LED 6500 and PDP 6500
– TV released in 2011 with AllShare feature
Models greater than or equal to LCD 550, LED 5500 and PDP 5500
– BD released in 2011 with Smart Hub feature
Models greater than or equal to BD-Player D5300
Models greater than or equal to BD-HTS D5000
BD-HDD Combo D6900/8200/8500/8900
Source: PC World