Samsung’s Tizen OS Riddled With Security Holes
There are more than three dozen previously unknown flaws that pose a potential threat to consumers using some Samsung TVs, watches and phones, a security researcher reported Monday.
Hackers could exploit the vulnerabilities found in Samsung’s Tizen operating system to gain remote access and control of a variety of the company’s products, Amihai Neiderman, head of research at Equus Software, told Motherboard.
Neiderman presented his findings at a security conference sponsored by Kapersky Lab.
Tizen is running on some 30 million smart TVs, as well as on Samsung’s Gear smartwatches and on phones in a limited number of countries, including Russia, India and Bangladesh, according to the Motherboard report.
Samsung plans to have 10 million Tizen phones in the market this year and has announced the OS will be installed on its new line of smart washing machines and refrigerators, it added.
While all the vulnerabilities in the software allow a hacker to take control of devices running Tizen, a flaw Neiderman found particularly disturbing compromised the software used to install software through the app store for the OS.
Although the TizenStore software authenticates apps before they’re installed on a device, Neiderman exploited a vulnerability that let him gain control of apps before they could be authenticated.
Neiderman contacted Samsung months ago about his findings, he told Motherboard, but he received only an automated email message in response.
The company apparently has approached him about his research in recent days, however, and he has shared some information with the firm.