CVE-2023-6318

9.1 CRITICAL

📋 TL;DR

This CVE describes a command injection vulnerability in the com.webos.service.cloudupload service of LG webOS TV software. An attacker who can make authenticated requests to the service can get arbitrary commands executed as root. The vulnerability affects webOS versions 5 through 7 on specific LG OLED TV models. Successful exploitation gives the attacker complete control over the affected smart TV.
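The bug class behind this CVE is shown below as an added, constructed example; it is not LG's webOS code and nothing in it is taken from the vulnerable service. It models a service handler that receives a JSON request and uses one field to build an OS command. The field name `reportName`, the directory `/var/log/analytics` and the `tar` command are assumptions chosen for illustration. The vulnerable variant interpolates the field into a `/bin/sh -c` string; the hardened variant allowlists the field and passes an argv list with `shell=False`, so neither shell metacharacters nor path separators can change what runs.

```python
"""Command injection pattern and its fix (constructed example, not LG code).

A webOS service receives JSON requests over the Luna bus. If a request field
ends up inside a shell command string and the service runs as root, any
shell metacharacter in that field executes as root.
"""
import json
import re
import subprocess

# Assumed names for illustration only.
REPORT_DIR = "/var/log/analytics"
# Allowlist: alphanumerics, dot, underscore, dash; no '/', no spaces, no shell
# metacharacters, and a leading alphanumeric so ".." and "-flag" are rejected.
REPORT_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")


def build_vulnerable_command(request_json: str) -> str:
    """VULNERABLE: interpolate a request field into a shell command string.

    Returns the string that would be handed to /bin/sh -c. Anything after a
    ';' or inside $(...) in reportName runs with the service's privileges.
    """
    req = json.loads(request_json)
    name = req["reportName"]
    return f"tar czf /tmp/{name}.tgz {REPORT_DIR}/{name}"


def build_hardened_argv(request_json: str) -> list:
    """HARDENED: validate the field against an allowlist, then build argv.

    No shell is involved, so metacharacters are passed to tar literally as
    part of a filename (and the regex rejects them anyway). The regex also
    excludes '/' so the name cannot escape REPORT_DIR.
    """
    req = json.loads(request_json)
    name = req.get("reportName")
    if not isinstance(name, str) or not REPORT_NAME_RE.fullmatch(name):
        raise ValueError("rejected reportName: %r" % (name,))
    return ["tar", "czf", f"/tmp/{name}.tgz", f"{REPORT_DIR}/{name}"]


def run_hardened(request_json: str) -> int:
    """Execute the validated argv without a shell; returns tar's exit code."""
    argv = build_hardened_argv(request_json)
    return subprocess.run(argv, shell=False, check=False).returncode


if __name__ == "__main__":
    benign = json.dumps({"reportName": "daily-2024-04"})
    hostile = json.dumps({"reportName": "x; id > /tmp/pwned #"})
    print("vulnerable shell string:", build_vulnerable_command(hostile))
    print("hardened argv (benign): ", build_hardened_argv(benign))
    try:
        build_hardened_argv(hostile)
    except ValueError as exc:
        print("hardened rejects hostile:", exc)
```

Running the script prints the shell string `tar czf /tmp/x; id > /tmp/pwned #.tgz ...`, which a shell executes as two commands, while the hardened path refuses the same input before any process is started. The general lesson for reviewing any privileged service: locate every `system()`, `popen()` or `shell=True` call, trace each argument back to the request, and either remove the shell or allowlist the input.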

💻 Affected Systems

Products:
  • LG OLED55CXPUA
  • LG OLED48C1PUB
  • LG OLED55A23LA
Versions: webOS 5 through 7 (the exact vulnerable build range for each model is listed in the CVE record)
Operating Systems: webOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects specific TV models running vulnerable webOS versions. Requires authenticated access to exploit.

📦 What is this software?

webOS is LG's Linux-based operating system for its smart TVs. System functions such as cloud upload, connectivity and media handling are implemented as services that exchange JSON requests over an internal service bus, and several of these services run as root. The vulnerable component here is the com.webos.service.cloudupload service.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the TV system with root privileges, allowing installation of persistent malware, credential theft, network pivoting, and use as part of botnets.

🟠

Likely Case

Remote code execution leading to unauthorized access, data exfiltration, and potential use as an entry point to internal networks.

🟢

If Mitigated

Limited impact if the TV sits on its own network segment that untrusted hosts cannot reach, and access to the TV's services is restricted to trusted clients so an attacker cannot obtain the authenticated session the exploit requires.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: LOW

Requires authenticated access but command injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check LG security bulletins for specific patched versions

Vendor Advisory: https://lgsecurity.lge.com/bulletins/tv#updateDetails

Restart Required: Yes

Instructions:

1. Navigate to TV Settings > All Settings > General > About This TV > Check for Updates.
2. Install any available updates.
3. Restart the TV after the update completes.

🔧 Temporary Workarounds

Network Segmentation (applies to: all affected models)

Isolate smart TVs on a separate VLAN or network segment, allow them outbound internet access only, and block traffic from the TV segment to other internal networks and from untrusted hosts to the TV.

Disable Unnecessary Services (applies to: all affected models)

Turn off cloud upload and any other TV features that are not required. Note that com.webos.service.cloudupload is a system service, and there is no guarantee that a menu setting stops it from accepting requests, so treat this as defense in depth rather than a substitute for the update.

🧯 If You Can't Patch

  • Disconnect TV from internet and use only as display device
  • Implement strict network access controls to prevent external access to TV services

🔍 How to Verify

Check if Vulnerable:

Check TV model and webOS version in Settings > All Settings > General > About This TV

Check Version:

Not applicable: consumer webOS TVs expose no shell or CLI for version queries, so read the webOS version from the TV settings interface.

Verify Fix Applied:

Verify webOS version is updated beyond vulnerable versions listed in CVE

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution patterns on the TV
  • Unexpected process creation from the com.webos.service.cloudupload service (note that these logs are generally not accessible to the TV owner, so network indicators are usually the only practical signal)

Network Indicators:

  • Unusual outbound connections from TV
  • Suspicious requests to cloud upload service endpoints

SIEM Query:

Not provided - TV logs typically not integrated with enterprise SIEM
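Because the TV itself does not feed a SIEM, the practical place to look is the firewall or router that separates the TV segment from the rest of the network. The script below is an added example, not part of this page or of any LG tooling: it triages constructed key=value flow-log lines for the network indicators listed above. The subnet 192.168.50.0/24 as the TV VLAN, the management host 10.0.0.10, the expected outbound ports and every sample line are assumptions made up for the demonstration; adapt them to your own addressing and export format.

```python
"""Flow-log triage for a segmented smart-TV VLAN (constructed example).

Assumptions (all illustrative): TVs live in TV_NET, the only internal host
that should talk to a TV is a management box in MGMT_HOSTS, and TVs should
only reach the internet on a small set of well-known ports.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional

TV_NET = ipaddress.ip_network("192.168.50.0/24")             # assumed TV VLAN
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MGMT_HOSTS = {ipaddress.ip_address("10.0.0.10")}              # assumed
EXPECTED_OUTBOUND_PORTS = {53, 80, 123, 443}                  # DNS, HTTP, NTP, HTTPS

KV_RE = re.compile(r"(\w+)=(\S+)")


@dataclass
class Finding:
    severity: str
    reason: str
    line: str


def is_internal(ip: ipaddress._BaseAddress) -> bool:
    return any(ip in net for net in INTERNAL_NETS)


def triage_line(line: str) -> Optional[Finding]:
    """Return a Finding for a suspicious flow, or None for benign/unparseable lines."""
    fields = dict(KV_RE.findall(line))
    try:
        src = ipaddress.ip_address(fields["src"])
        dst = ipaddress.ip_address(fields["dst"])
        dport = int(fields["dport"])
    except (KeyError, ValueError):
        return None

    # Outbound from a TV.
    if src in TV_NET and dst not in TV_NET:
        if is_internal(dst):
            return Finding("high", "TV initiated a connection to another internal segment (possible pivot)", line)
        if dport not in EXPECTED_OUTBOUND_PORTS:
            return Finding("medium", f"TV outbound to internet on unexpected port {dport}", line)

    # Inbound to a TV (denied attempts are still worth seeing).
    if dst in TV_NET and src not in TV_NET:
        if not is_internal(src):
            return Finding("high", "connection attempt to TV from outside the network", line)
        if src not in MGMT_HOSTS:
            return Finding("medium", "inbound to TV service from a non-management internal host", line)
    return None


def triage(lines: List[str]) -> List[Finding]:
    return [f for f in (triage_line(l) for l in lines) if f is not None]


# Constructed sample flow logs for demonstration; not real traffic.
SAMPLE_LOGS = [
    "ts=2024-04-10T20:01:02Z src=192.168.50.23 dst=142.250.74.46 dport=443 proto=tcp action=allow",
    "ts=2024-04-10T20:01:09Z src=192.168.50.23 dst=10.0.0.5 dport=445 proto=tcp action=allow",
    "ts=2024-04-10T20:01:15Z src=192.168.50.23 dst=203.0.113.9 dport=4444 proto=tcp action=allow",
    "ts=2024-04-10T20:02:00Z src=10.0.0.10 dst=192.168.50.23 dport=3001 proto=tcp action=allow",
    "ts=2024-04-10T20:02:31Z src=10.0.0.77 dst=192.168.50.23 dport=3000 proto=tcp action=allow",
    "ts=2024-04-10T20:03:12Z src=198.51.100.7 dst=192.168.50.23 dport=3000 proto=tcp action=deny",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOGS):
        print(f"[{finding.severity}] {finding.reason}\n    {finding.line}")
```

Run against the sample lines it reports the TV reaching an internal file server, the TV talking to the internet on an odd port, a workstation connecting to the TV's service port, and an external host probing the TV, while the normal HTTPS flow and the management host's connection pass silently. The same rules translate directly into a SIEM query over your firewall's flow export: source in TV segment and destination in any other internal range, or destination in TV segment and source not in the management allowlist.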

🔗 References

  • LG Product Security, TV security bulletins: https://lgsecurity.lge.com/bulletins/tv#updateDetails
