CVE-2022-23727
📋 TL;DR
This is a local privilege escalation vulnerability in LG webOS smart TVs: misconfigured environment settings let an attacker who already has a local foothold on the TV (the ability to run code or commands on it) gain higher system privileges and bypass security restrictions. Because it is a local vulnerability, it does not by itself give a remote attacker entry; someone on the network would first need another way to run code on the device. Only LG webOS TVs running a vulnerable configuration are affected.
💻 Affected Systems
- LG webOS Smart TVs
📦 What is this software?
webOS is LG's Linux-based operating system for its smart TVs; it runs the TV's user interface, apps, and system services, and is updated through firmware releases from LG.
⚠️ Risk & Real-World Impact
Worst Case
Attacker gains root/administrative access to the TV system, enabling complete control over the device, installation of malware, access to connected devices, and potential lateral movement to other network resources.
Likely Case
Local attacker gains elevated privileges to modify system settings, install unauthorized applications, access user data, or use the TV as a foothold for further attacks on the local network.
If Mitigated
With proper network segmentation and access controls, the impact is limited to the TV itself without affecting other network resources.
🎯 Exploit Status
Exploitation requires local access to the TV (the ability to run code or commands on it) and specific operations on the device. No public exploit code was available as of CVE publication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check the LG security bulletins for the fixed firmware version for your model
Vendor Advisory: https://lgsecurity.lge.com/bulletins/tv
Restart Required: Yes
Instructions:
1. Note your TV model and current firmware version.
2. Check the LG security bulletins to see whether that model and version are affected.
3. Update the firmware through Settings > All Settings > General > About This TV > Check for Updates.
4. Restart the TV after the update completes.
🔧 Temporary Workarounds
Network Segmentation
Isolate smart TVs on a separate VLAN or network segment to limit lateral movement
Disable Developer Mode
Ensure developer mode is disabled if it is not needed for legitimate purposes; developer mode exposes a shell (SSH) on the TV, which is exactly the kind of local access this vulnerability requires
🧯 If You Can't Patch
- Segment TV network from critical systems using firewall rules
- Disable unnecessary services and features on the TV
- Monitor network traffic from TV for suspicious activity
- Consider physical security measures if TV is in sensitive locations
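As an added example (not LG's or the advisory's own configuration), the segmentation and firewall advice above expressed as an nftables ruleset for a Linux router that forwards traffic between a TV VLAN and the rest of the LAN. The VLAN ranges, resolver, management host, and TV control ports are assumed for illustration and are read from environment variables so they can be changed.

```shell
#!/bin/sh
# Added example, not LG's or the advisory's own configuration: an nftables
# ruleset for a Linux router/firewall that forwards between a TV VLAN and the
# rest of the LAN. All addresses and ports below are assumed for illustration.
TV_NET="${TV_NET:-10.0.20.0/24}"       # assumed: VLAN holding the smart TVs
LAN_NET="${LAN_NET:-10.0.10.0/24}"     # assumed: workstations and servers
DNS_HOST="${DNS_HOST:-10.0.10.5}"      # assumed: internal resolver the TVs may use
MGMT_HOST="${MGMT_HOST:-10.0.10.5}"    # assumed: the only host allowed to reach the TVs
TV_PORTS="${TV_PORTS:-3000, 3001}"     # assumed: ports a control app needs on the TV

# Emit the ruleset. Policy: TVs may reach the Internet (updates, streaming)
# but nothing in private address space except the resolver; only MGMT_HOST
# may open connections into the TV VLAN; every dropped attempt is counted
# and logged so the TV VLAN itself becomes a detection source.
gen_tv_nft_ruleset() {
  cat <<EOF
table inet tv_segment {
  chain forward {
    type filter hook forward priority 0; policy accept;
    ct state established,related accept
    ip saddr $TV_NET ip daddr $DNS_HOST udp dport 53 accept
    ip saddr $TV_NET ip daddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } counter log prefix "tv-lateral " drop
    ip saddr $TV_NET accept
    ip saddr $MGMT_HOST ip daddr $TV_NET tcp dport { $TV_PORTS } accept
    ip saddr $LAN_NET ip daddr $TV_NET counter log prefix "lan-to-tv " drop
  }
}
EOF
}

# Dry-run the ruleset with nft when it is installed (nft -c parses and
# validates without loading); otherwise just confirm the lateral-movement
# drop rule is present in the generated text.
check_tv_nft_ruleset() {
  if command -v nft >/dev/null 2>&1; then
    gen_tv_nft_ruleset | nft -c -f -
  else
    gen_tv_nft_ruleset | grep -F -q 'prefix "tv-lateral " drop'
  fi
}

# To load for real (as root):  gen_tv_nft_ruleset | nft -f -
```

Rule order matters: the resolver exception sits before the private-space drop, and the drop sits before the blanket TV-to-anywhere accept, so a TV that tries to reach a file server or another VLAN is logged with the "tv-lateral" prefix rather than silently allowed.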
🔍 How to Verify
Check if Vulnerable:
Check TV firmware version against LG security bulletins. Navigate to Settings > All Settings > General > About This TV > Software Information.
Check Version:
Manual check through TV settings interface (no CLI available)
Verify Fix Applied:
Verify firmware version has been updated to patched version listed in LG security advisories.
📡 Detection & Monitoring
Log Indicators:
- Unusual privilege escalation attempts
- Unexpected process execution with elevated privileges
- Unauthorized system modifications
Network Indicators:
- Unusual outbound connections from TV
- Suspicious network traffic patterns from TV IP
SIEM Query (placeholder; LG webOS TVs do not forward system logs to a SIEM out of the box, so "tv_logs" and the field names below stand in for whatever you capture from a TV with shell access in a lab; in production, rely on the network indicators above):
source="tv_logs" AND (event_type="privilege_escalation" OR process="sudo" OR user="root")
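As an added example (not LG's or the advisory's own tooling), the network indicators above as a small awk-based check over flow records, since the network side is what an operator can actually observe from a consumer TV. The input format, the TV and resolver addresses, and the sample flows are all constructed for illustration.

```shell
#!/bin/sh
# Added example, not LG's or the advisory's own tooling: flag TV-initiated
# flows that do not fit a smart TV's normal profile. Reads one flow per line
# on stdin as "epoch src dst dport proto"; the addresses below are assumed.
TV_IP="${TV_IP:-10.0.20.15}"       # assumed: the TV being watched
DNS_HOST="${DNS_HOST:-10.0.10.5}"  # assumed: the resolver the TV is allowed to use

# Constructed sample flows (not captured from a real TV).
SAMPLE_FLOWS='1700000000 10.0.20.15 203.0.113.10 443 tcp
1700000001 10.0.20.15 10.0.10.5 53 udp
1700000002 10.0.20.15 10.0.10.7 445 tcp
1700000003 10.0.20.15 198.51.100.9 4444 tcp
1700000004 10.0.10.7 10.0.20.15 3000 tcp
1700000005 10.0.20.15 192.168.1.20 22 tcp'

# flag_tv_flows: print "epoch TAG dst dport" for each suspicious TV-initiated flow.
#   LATERAL  - the TV opened a connection into private address space (other than DNS)
#   ODD_PORT - the TV opened a connection to the Internet on a port other than 80/443/123
# Flows the TV did not initiate (e.g. a phone casting to it) are ignored.
flag_tv_flows() {
  awk -v tv="$TV_IP" -v dns="$DNS_HOST" '
    function rfc1918(ip,  o) {
      split(ip, o, ".")
      return (o[1] == 10) || (o[1] == 172 && o[2] >= 16 && o[2] <= 31) || (o[1] == 192 && o[2] == 168)
    }
    $2 != tv { next }                        # only flows the TV initiated
    $3 == dns && $4 == 53 { next }           # permitted resolver
    rfc1918($3) { print $1, "LATERAL", $3, $4; next }
    $4 != 80 && $4 != 443 && $4 != 123 { print $1, "ODD_PORT", $3, $4 }
  '
}

# Usage:  printf '%s\n' "$SAMPLE_FLOWS" | flag_tv_flows
```

The port whitelist is deliberately short: a TV's legitimate outbound traffic is HTTPS, HTTP and NTP plus DNS, so anything else from the TV's address, and any TV-initiated connection into the LAN, is worth a ticket regardless of whether the TV is patched.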