A security vulnerability has been discovered in LG WebOS TV systems that allows attackers to gain complete control over affected devices by bypassing authentication mechanisms.
The vulnerability, disclosed during the TyphoonPWN 2025 LG Category competition where it won first place, affects LG WebOS 43UT8050 and potentially other versions of the smart TV platform.
Vulnerability Mechanics and Impact
The security flaw centers around the browser-service component within WebOS TV, which automatically opens port 18888 when users connect USB storage devices to their television.
This service is designed to let peer devices download files from specific directories, including /tmp/usb and /tmp/home.office.documentviewer, through the /getFile?path= API endpoint.
However, the critical weakness lies in the application's failure to properly validate the path parameter: the path is not canonicalized and confined to those directories, creating a path traversal vulnerability that enables unauthorized file downloads from anywhere on the device without requiring authentication.
This fundamental oversight transforms what should be a restricted file-sharing feature into a gateway for complete system compromise.
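As an added example (not LG's code and not the competition proof of concept), the Python below shows what correct validation of the path parameter looks like for an endpoint shaped like /getFile?path=, and reuses the same check to flag suspicious requests in an access log. The two allowed roots are the directories named above; the log format, the function names and the sample log lines are assumptions constructed for this example.

```python
"""Hardened path handling for a /getFile?path= style download endpoint.

Added example, not LG's or the TyphoonPWN entry's code. The allowed roots
come from the article; everything else (function names, log format,
sample requests) is assumed for illustration.
"""
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Directories the endpoint is meant to serve (named in the article).
ALLOWED_ROOTS = ("/tmp/usb", "/tmp/home.office.documentviewer")


def resolve_requested_path(raw_path, allowed_roots=ALLOWED_ROOTS):
    """Return the canonical path if it lies inside an allowed root, else None.

    The essential ordering: canonicalize first (collapse '..', '.', repeated
    slashes, percent-encoding), then compare against the allowed roots. A
    plain string prefix check on the raw value would accept
    '/tmp/usb/../../anything' because it starts with '/tmp/usb'.
    """
    # Decode twice so double-encoded dots ('%252e') are also seen as '.'.
    decoded = unquote(unquote(raw_path))
    if "\x00" in decoded:            # NUL byte truncation tricks
        return None
    if not decoded.startswith("/"):  # relative paths are never valid here
        return None
    # posixpath.normpath keeps a leading '//' (POSIX allows it); fold it.
    decoded = "/" + decoded.lstrip("/")
    canonical = posixpath.normpath(decoded)
    # On the real device you would additionally apply os.path.realpath so
    # symlinks inside the roots cannot point outside them; normpath is used
    # here so the example runs on any machine without those directories.
    for root in allowed_roots:
        if canonical == root or canonical.startswith(root + "/"):
            return canonical
    return None


def check_get_file_request(request_target):
    """Classify an HTTP request target: ('allow', path), ('reject', None)
    or ('not_getfile', None) for other endpoints."""
    parts = urlsplit(request_target)
    if parts.path != "/getFile":
        return ("not_getfile", None)
    values = parse_qs(parts.query, keep_blank_values=True).get("path", [])
    if len(values) != 1:              # missing or repeated parameter: fail closed
        return ("reject", None)
    resolved = resolve_requested_path(values[0])
    if resolved is None:
        return ("reject", None)
    return ("allow", resolved)


# Constructed access-log lines in common log format (hypothetical, not
# from any real device): one legitimate download, two traversal attempts
# (the second percent-encoded) from a different client.
SAMPLE_LOG = """\
192.168.1.20 - - [01/Oct/2025:20:01:02 +0000] "GET /getFile?path=/tmp/usb/holiday.mp4 HTTP/1.1" 200
192.168.1.77 - - [01/Oct/2025:20:01:09 +0000] "GET /getFile?path=/tmp/usb/../../var/db/main/ HTTP/1.1" 200
192.168.1.77 - - [01/Oct/2025:20:01:11 +0000] "GET /getFile?path=%2Ftmp%2Fusb%2F..%2F..%2Fvar%2Fdb%2Fmain%2F HTTP/1.1" 200
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d+)'
)


def scan_access_log(text):
    """Return (source, timestamp, target) for every /getFile request that the
    validator would reject: the same logic that fixes the service also
    serves as a detection rule over proxy or gateway logs."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        verdict, _ = check_get_file_request(m["target"])
        if verdict == "reject":
            hits.append((m["src"], m["ts"], m["target"]))
    return hits


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print("suspicious getFile request:", hit)
```

The check fails closed on anything unexpected (relative paths, NUL bytes, a repeated or missing parameter), which is the right default for a service that is reachable by any peer on the network without authentication. A "200" status next to a rejected target in a real log would mean the unpatched service served the file, so the scan is useful both before and after the firmware update.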
Attackers can exploit this path traversal vulnerability to access sensitive system files, particularly targeting the database file located at /var/db/main/ which contains authentication keys for peer clients that have previously connected to the device.
Once these authentication keys are obtained, attackers can effectively impersonate legitimate devices and bypass the security mechanisms protecting the secondscreen.gateway service.
Through compromised access to the secondscreen service, malicious actors can enable developer mode on the television, install unauthorized applications, and ultimately achieve full administrative control over the device.
This level of access allows attackers to monitor viewing habits, intercept network traffic, use the TV as a pivot point for lateral network movement, or deploy persistent malware.
LG has acknowledged the vulnerability and issued security advisory SMR-SEP-2025, which is available through their official security bulletin portal at lgsecurity.lge.com.
Users of affected LG WebOS TV models should immediately check for and install any available firmware updates to address this critical security flaw.
The exploitation process has been documented with proof-of-concept code utilizing Docker containers and custom Python scripts, demonstrating the practical feasibility of the attack.
This vulnerability represents a significant security risk for LG WebOS TV users, particularly those who regularly connect USB devices or operate their televisions on shared network environments.
Until patches are applied, users should avoid connecting untrusted USB devices and consider network segmentation to isolate smart TVs from critical network resources.