Linux-based Tizen: Critical bugs leave most Samsung Smart TVs open to attack

An independent researcher has discovered vulnerabilities that could potentially allow attacks on every Samsung device running Tizen.
Written by Andrada Fiscutean, Contributor

Security researcher Amihai Neiderman presented his findings of more than 40 vulnerabilities in Tizen.

Image: Andrada Fiscutean/ZDNet

Almost every Samsung Smart TV set sold in the past two years is vulnerable to hackers, according to independent Israeli security researcher Amihai Neiderman.

He has found dozens of vulnerabilities while studying Linux-based Tizen, the operating system that powers the devices.

Some of the software bugs "felt like 2005", he said, arguing that the OS hasn't been designed with security in mind and isn't up to any modern standards.

"I've found over 40 different vulnerabilities in Tizen. Almost every system app is vulnerable," Neiderman said.

His research, presented on Monday during Kaspersky's Security Analyst Summit, is one of the first to tackle the security of Tizen, an open-source operating system developed by Samsung together with Intel and several other companies in an effort to become less dependent on Google's Android.

The Israeli researcher was able to hack into his Samsung Smart TV by using one of the critical flaws he found in the Tizen Store app, the Tizen equivalent of Apple's iTunes or Google's Play Store.

This app is full of privileges, because it allows the installation of other apps on the device. By using this vulnerability, an attacker could place malicious code on the Smart TV to control it. Over the past two years, several reports of smart TVs spying on their users have emerged.

Neiderman also tested his findings on two Tizen smartphones, the Samsung Z1 and Z3, which he bought on eBay.

Tizen OS runs on 21 million Smart TV sets, according to the researcher. It's also present on Samsung Z1, Z2, and Z3 smartphones sold mainly in India, on the company's Gear smartwatches and wearables, several NX cameras, in-vehicle infotainment systems, and even on home appliances, including an air conditioner, a vacuum cleaner, a washing machine, and a refrigerator.

"I decided to start and research Tizen because it seems that nobody was doing it," Neiderman said.

He showed during the presentation that the Tizen ecosystem is expanding, with the company encouraging developers to build apps for it, and adding more infrastructure to support the planned growth of the user community around the OS.

"It looks like Samsung is planning something big for Tizen," Neiderman said. "There's a great chance that we'll see [next year's] Galaxy S9 coming with Tizen, and the OS is not mature enough."

He said he had emailed Samsung several months ago to notify the company about the vulnerabilities, but hasn't heard back. He was only contacted when the South Korean company heard about his talk.

Samsung told ZDNet that it will analyze the Israeli researcher's findings. "We are fully committed to cooperating with Mr Neiderman to mitigate any potential vulnerabilities," a Samsung spokesperson said.

"Through our SmartTV Bug Bounty program, Samsung is committed to working with security experts around the world to mitigate any security risks."

Disclosure: Andrada Fiscutean travelled to St Maarten as a guest of Kaspersky.

Read more on Tizen

Editorial standards