Researchers at Neseso have described a problem they found in Samsung "smart" TVs running the Tizen OS. The experts say they were forced to disclose the vulnerability publicly because Samsung refuses to recognize the seriousness of the problem and fix it.
According to the experts, the problem lies in the implementation of Wi-Fi Direct authentication used in Samsung TVs. This mechanism spares users from authenticating every time: the TV can be "paired" with any trusted device, whose MAC address is then added to a whitelist. After that, the user receives a notification when a whitelisted device connects to the TV, but no further authentication is required.
In their report, the Neseso researchers emphasize the obvious: a MAC address can not only be intercepted (for example, by sniffing Wi-Fi traffic), it is also easy to forge.
That is, an attacker can easily pass himself off as a trusted device and gain full control over the TV, including access to the remote control and screen mirroring functions. In theory, the TV could also be used as a starting point for penetrating the network it is connected to.
Interestingly, Samsung representatives do not see this as a threat. Neseso specialists notified Samsung of the problem in March 2017. Although knowing the MAC address in effect allows authentication to be bypassed completely, Samsung's developers conducted an investigation and found no problem with this functionality.
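The whitelist check described above, modelled next to a key-bound alternative. This is an added example, not code from Samsung, Tizen or the Neseso report. All class and function names are hypothetical, the MAC address is constructed, and the HMAC challenge-response is one assumed mitigation, not something the report prescribes.

```python
import hashlib
import hmac
import secrets

class MacOnlyAllowlist:
    """Models the reported behaviour: the MAC address is the only credential."""
    def __init__(self):
        self.trusted = set()
    def pair(self, mac):
        self.trusted.add(mac.lower())
    def accept(self, claimed_mac):
        # The MAC is visible in every frame, so matching it proves nothing.
        return claimed_mac.lower() in self.trusted

class KeyBoundAllowlist:
    """Assumed hardening: pairing stores a per-device key; the MAC is only a lookup key."""
    def __init__(self):
        self.keys, self.pending = {}, {}
    def pair(self, mac):
        key = secrets.token_bytes(32)
        self.keys[mac.lower()] = key
        return key  # given to the device once, during user-approved pairing
    def challenge(self, claimed_mac):
        nonce = secrets.token_bytes(16)
        self.pending[claimed_mac.lower()] = nonce
        return nonce
    def accept(self, claimed_mac, response):
        mac = claimed_mac.lower()
        key, nonce = self.keys.get(mac), self.pending.pop(mac, None)  # nonce is single-use
        if key is None or nonce is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def respond(key, nonce):
    return hmac.new(key, nonce, hashlib.sha256).digest()

def demo():
    phone_mac = "02:00:00:AA:BB:CC"  # constructed sample address
    weak, strong = MacOnlyAllowlist(), KeyBoundAllowlist()
    weak.pair(phone_mac)
    phone_key = strong.pair(phone_mac)
    result = {"weak_accepts_copied_mac": weak.accept("02:00:00:aa:bb:cc")}
    nonce = strong.challenge(phone_mac)
    good = respond(phone_key, nonce)
    result["strong_accepts_phone"] = strong.accept(phone_mac, good)
    result["strong_accepts_replay"] = strong.accept(phone_mac, good)
    strong.challenge(phone_mac)  # a device that copied the MAC has no key
    result["strong_accepts_copied_mac"] = strong.accept(phone_mac, respond(b"\x00" * 32, nonce))
    return result
```

In this model the first check admits any device that presents a whitelisted address, while the second also rejects a replayed response because each challenge is consumed on use.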