Critical vulnerability in Sony Bravia Smart TV


A group of experts discovered three vulnerabilities in eight Sony Bravia Smart TV models, one of them rated critical. Keeping patch management up to date is a crucial task for Internet of Things (IoT) devices, since smart objects surround us and are a primary target for malicious hackers. A team of digital forensics experts recently discovered three vulnerabilities (a buffer overflow, a directory traversal, and a command-injection issue) in eight Sony Bravia smart TVs, one of which was rated critical.

The Sony Bravia Smart TV models affected include R5C, WD75, WD65, XE70, XF70, WE75, WE6 and WF6.

The most serious vulnerability, identified as CVE-2018-16593, is a command-injection flaw residing in the Sony Photo Sharing Plus application that allows users to share multimedia content from their mobile devices through a Sony Smart TV.

According to experts in digital forensics, an attacker must be on the same wireless network as the Sony TV to trigger the vulnerability.

“This application handles file names incorrectly when the user loads a media file. An attacker can abuse this file name mishandling to execute arbitrary commands on the system, which can result in the complete remote execution of the code with root privileges”, the investigators mention in their security report.

The remaining vulnerabilities also affect Sony’s Photo Sharing Plus application running on Sony Bravia. The buffer overflow (CVE-2018-16595) is a “memory corruption vulnerability linked to the lack of disinfection of the user’s input”, the experts mentioned.

“This is a memory corruption vulnerability resulting from insufficient user input size verification. With a sufficiently long HTTP POST request sent to the corresponding URL, the application will be blocked”, the advisory continues.

The third flaw is a directory traversal vulnerability, tracked as CVE-2018-16594, that relates to how the Photo Sharing Plus application handles file names.

“The application handles file names incorrectly by receiving a user’s input file by loading a URL. An attacker can load an arbitrary file with a false filename that can then traverse the entire filesystem.”
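All three flaws described above come down to trusting a client-supplied file name. The following is an added illustration of the kind of validation a media-sharing service should apply before a file name touches the filesystem or an external tool; it is not Sony's code and not taken from the advisory. The length cap, the allowed extensions and the `convert` thumbnail command are assumptions chosen for the example.

```python
import os
import re

MAX_NAME_LEN = 255                       # assumed cap; must fit whatever buffer receives the name
ALLOWED_EXT = {".jpg", ".jpeg", ".png", ".gif", ".mp4"}
# Characters a shell would interpret if the name were ever spliced into a command line
SHELL_META = re.compile(r"[;&|`$<>(){}\[\]\\\"'\n\r\t ]")


def check_media_name(name: str) -> str:
    """Classify a client-supplied file name: "ok" or the reason it is rejected.

    Each rejection class maps to one of the three Photo Sharing Plus flaw types:
    too_long -> unchecked input size, traversal -> path escape, shell_meta -> command injection.
    """
    if not name:
        return "empty"
    if "\0" in name:
        return "nul_byte"
    if len(name) > MAX_NAME_LEN:
        return "too_long"
    # Any separator or dot-only component would let the name leave the share directory
    if "/" in name or "\\" in name or name.strip(".") == "":
        return "traversal"
    if SHELL_META.search(name):
        return "shell_meta"
    if os.path.splitext(name)[1].lower() not in ALLOWED_EXT:
        return "bad_extension"
    return "ok"


def resolve_in_share_dir(share_dir: str, name: str) -> str:
    """Return the absolute path for a validated name, or raise if it would escape share_dir."""
    verdict = check_media_name(name)
    if verdict != "ok":
        raise ValueError(f"rejected file name ({verdict}): {name!r}")
    base = os.path.realpath(share_dir)
    full = os.path.realpath(os.path.join(base, name))
    # Second, path-level check so a symlink or normalisation quirk cannot undo the name check
    if os.path.commonpath([base, full]) != base:
        raise ValueError("resolved path escapes share directory")
    return full


def thumbnail_argv(path: str) -> list:
    """Build the converter call as an argv list (for subprocess.run), never as a shell string.

    With a list, no shell parses the file name, so even a name that slipped past
    validation cannot append further commands to the invocation.
    """
    return ["convert", path, "-resize", "320x240", path + ".thumb.jpg"]
```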

According to specialists in digital forensics from the International Institute of Cyber Security, Sony has released a patch that fixes the vulnerabilities, but the update must be approved by the user on their Sony Bravia Smart TV.

“If your TV is set up to receive updates automatically when connected to the Internet, it should have been updated. This is the default setting for affected models”, mentions the security notice published by Sony.

“To verify that your TV has been updated, visit the downloads section of your model’s product page. Click the firmware update link for details on how to verify the software version. If your TV has not yet been updated, follow the instructions to download and install the update”, the company notice concludes.