Security researcher Luigi Auriemma recently discovered two vulnerabilites in network-connected Samsung devices that could enable an attacker to crash the device or take control of it remotely.
"Auriemma claims that the vulnerabilities will affect all Samsung devices with support for remote controllers, and that the vulnerable protocol is on both TVs and Blu-Ray enabled devices," writes Threatpost's Brian Donohue. "One of the bugs leads to a loop of endless restarts while the other could cause a potential buffer overflow. Auriemma discovered the issues accidentally. He told Threatpost via email that he was trying to play a trick on his brother. He only wanted to send a remote controller request with a funny message, but he ended up nearly destroying the TV."
"The devices listen on port 55000, where they receive control packets from iOS and Android smartphones," The H Security explains. "Auriemma said that, if these controller packets contain unexpected characters such as a line feed, the device will not accept any further commands after five seconds -- neither from a smartphone nor infrared remote or on the device itself. Apparently, the device begins to restart repeatedly after another five seconds."
"Auriemma also found a secondary bug that causes the device to crash if the MAC address field in the data packet contains an overly long string," writes PCWorld's Lucian Constantin. "He suspects that this is because of a buffer-overflow vulnerability, but can't confirm it because he doesn't want to damage his TV. Many buffer overflow vulnerabilities can result in arbitrary code execution. Auriemma didn't notify Samsung about the issues he found. 'I wanted to report the problems to Samsung but an email address doesn't exist for these types of bugs,' the researcher said."