TCL TV security error, suspected of containing spyware

Security researchers said TCL TVs running Android were installed with “backdoor” software, linked to servers in China.

While studying cybersecurity infrastructure on a smart TV, security researcher nicknamed Sick Codes and John Jackson, security engineer at Shutterstock photo service, discovered a critical vulnerability in the samples. TV running Android manufacturer TCL.

First of all, 2 security houses have access to the entire file system of TCL TV through the Wi-Fi connection. They can even overwrite files without a password.

Security hole This is exploited from the file system of TCL TV running Android using the old and less secure HTTP protocol. It was credited with codes CVE-2020-27403 and CVE-2020-28055 after two researchers notified the American Computer Emergency Response Team (US-CERT) of Carnegie Mellon University.

TCL TVs running Android were found to install a Chinese “back door” application. Photo: TCL.

In the link received from Sick Codes, reporter Tom’s Guide Have full access to file systems stored on a TCL TV running Android in Zambia through an Android smartphone using the Chrome browser.

By exploiting these two vulnerabilities, hackers can send a malicious APK file, hijack the TV or download all of the TV’s data without the user’s permission.

The two researchers also discovered that an application called Terminal Manager Remote in TCL TV contains a list of server addresses ready to handle system files, usage logs and TV screenshots. A server which contains software update files for the TV, which can be accessed freely without a password.

In the photo provided, the servers are divided into 4 regions including mainland China, Asia-Pacific (including Hong Kong, Taiwan), one region for the Middle East, Africa, Europe, and one regions for Latin America, North America. According to Sick Codes, it’s China’s “backdoor” app.

“We called TCL support and explained the serious problem on TV. However, she said she had no contact with the security department, she didn’t even know if TCL had a security team … This is a full ‘backdoor’. If they want, they can turn on / off the TV, camera or microphone at their discretion, ”said Sick Codes.

After sending a warning to TCL on October 16, Sick Codes said the problem on the test TV was silently fixed on October 29, but there was no official response.

This person claimed that TCL simply accessed his TV and then closed the connection, not the update handled thoroughly. The TV models containing the vulnerability were not disclosed by Sick Codes, only referring to TCL TVs running Android.

If you are using a TCL TV, you need to check whether the software on the TV is Android or Roku because the vulnerability only appears on Android. In case the TV uses Android, make sure the Wi-Fi password is set strong enough, don’t share it with others. Next, go to the Wi-Fi router’s settings to disable access to the device from the external network.

According to the Statista, TCL is the 2nd largest LCD TV maker in 2019, with a global market share of 13%. In Vietnam, this manufacturer also launched a number of TVs running Android.

According to the Zing

Korea exposes the focal point for the certification of telecommunications equipment from China

Korea exposes the focal point for the certification of telecommunications equipment from China

In the telecommunications equipment license scandal in South Korea, Chinese security camera maker Hikvision violated the most by filing fake filings for 224 devices. Right behind on the list of violations are DJI and Huawei.


Leave a Reply

Your email address will not be published. Required fields are marked *