Sick Codes, recently reported some major flaw in TCL’s Android TVs. Sick Codes did a thorough investigation with another security researcher and Shutterstock application security engineer, John Jackson. The investigation ran for three-whole months, and to their surprise and dismay, when they informed about these vulnerabilities to TCL, which is now the 3rd largest TV manufacturers in the world, they, initially, got no suitable response!
Hackers at Sick Codes were researching various TV products, and during the research, they stumbled upon some mind-boggling vulnerabilities in TCL’s smart tv models. They found out that anyone can access a TCL smart TV file system over Wi-Fi through an undocumented TCP/IP port. The intruder can then collect all the information from the file system, delete files, or even overwrite files without ever needing a password or any other form of security clearance.
Now, when Sick Codes and John Jackson delved into this matter, they discovered a TCL TV app, ‘Terminal Manager Remote,’ to be a backdoor! This means that this is not an accidental flaw. Rather, it is a deliberate flaw or a factory-flaw that was deliberately created to provide unauthorized access to anyone in the TCL smart TV file system. Now, this can also mean that the company also can access any consumer model anytime they want, make changes however they want! This is so wrong on so many levels, and it bothered the two security researchers a lot too. But they were not sure if this backdoor was a means to receive information or leak it.
Sick Codes and John Jackson were interviewed by Tom’s Guide, and to prove their point, they even provided the site with a suspicious URL that let the writer access a TCL smart TV in Zambia when that user had switched it on. That innocent person did not even know that while they were watching television, someone was able to get into their TV’s file system and could do anything with their files without their knowledge! And this backend activity continued until that user switched off their device.
The researchers also found out that the Roku-based TCL smart TVs are not plagued with this security issue.
When these researchers tried to contact TCL about this vulnerability, there was no proper response. The support employee had the audacity to tell these researchers that they did not even know if TCL had a Security team who could look into this matter! Then, these researchers contacted the US Computer Emergency Response Team. They also took some time to reply but they told the researchers to disclose the flaw if the company is not taking any interest.
After a while, one day, all of the sudden, Sick Codes found out that the problem got fixed with a patch that was provided by TCL. That was when Sick Codes realized that someone from TCL logged in to their TV and closed that TCP/IP port! And that was all! However, Sick Codes also found out that the patch did not work for all TCL TV models, and that the backdoor is still open even if the port has been closed!
Later on, in a statement, TCL acknowledged that it was notified by two security researchers about the flaw and its working on a fix.
Read next: Research Shows Google Play Store Is The Main Source of Malware On Millions of Android Phones
Hackers at Sick Codes were researching various TV products, and during the research, they stumbled upon some mind-boggling vulnerabilities in TCL’s smart tv models. They found out that anyone can access a TCL smart TV file system over Wi-Fi through an undocumented TCP/IP port. The intruder can then collect all the information from the file system, delete files, or even overwrite files without ever needing a password or any other form of security clearance.
Now, when Sick Codes and John Jackson delved into this matter, they discovered a TCL TV app, ‘Terminal Manager Remote,’ to be a backdoor! This means that this is not an accidental flaw. Rather, it is a deliberate flaw or a factory-flaw that was deliberately created to provide unauthorized access to anyone in the TCL smart TV file system. Now, this can also mean that the company also can access any consumer model anytime they want, make changes however they want! This is so wrong on so many levels, and it bothered the two security researchers a lot too. But they were not sure if this backdoor was a means to receive information or leak it.
Sick Codes and John Jackson were interviewed by Tom’s Guide, and to prove their point, they even provided the site with a suspicious URL that let the writer access a TCL smart TV in Zambia when that user had switched it on. That innocent person did not even know that while they were watching television, someone was able to get into their TV’s file system and could do anything with their files without their knowledge! And this backend activity continued until that user switched off their device.
The researchers also found out that the Roku-based TCL smart TVs are not plagued with this security issue.
When these researchers tried to contact TCL about this vulnerability, there was no proper response. The support employee had the audacity to tell these researchers that they did not even know if TCL had a Security team who could look into this matter! Then, these researchers contacted the US Computer Emergency Response Team. They also took some time to reply but they told the researchers to disclose the flaw if the company is not taking any interest.
After a while, one day, all of the sudden, Sick Codes found out that the problem got fixed with a patch that was provided by TCL. That was when Sick Codes realized that someone from TCL logged in to their TV and closed that TCP/IP port! And that was all! However, Sick Codes also found out that the patch did not work for all TCL TV models, and that the backdoor is still open even if the port has been closed!
Later on, in a statement, TCL acknowledged that it was notified by two security researchers about the flaw and its working on a fix.
Read next: Research Shows Google Play Store Is The Main Source of Malware On Millions of Android Phones