Critical Vulnerabilities Discovered in World’s Largest Android TVs

Television is a medium for entertainment, advertising, information and sports. With the advent of technology an integrated integration with applications such as Netflix, YouTube, etc. is offered.

TCL is the third largest TV manufacturer in the world and meets tons of worthy competitors. A recently released security report by the researcher revealed several serious vulnerabilities in Android TCL TVs.

First study

While examining the low-budget Android boxes, the researcher found several serious flaws in the way these devices were designed.

Without knowing the nuances of each device, all smart TV products are based on Android.

There are four types of products on the TV market, such as USB sticks, TV boxes, smart TVs and Android TVs.

These are all single board computers (SBC) based on MRA. Most of them are 32-bit, about 64-bit, but they all look like a small competitor of Raspberry Pi, which specialises in GPU performance with small but powerful GPUs.

Security issues in USB flash drives

Each stick tested had at least one of the following serious safety deficiencies.

  • Open port 22 and allow SSH access as root: root from the box
  • Port 5555 is open and allows an unauthorized android (adb) to be root: root out of the box
  • Root interface device with files that can be run in multiple locations worldwide
  • Open WiFi network with running adb and ssh daemons

After seeing how depressing or missing the security of these devices was, I wanted to write a very large proof of concept, in the form of a real worm shell that would go back and forth between the 4 or 5 TV controllers I had, the security researcher explains.

TCL Smart TV Study

TCL is a large Chinese electronics manufacturer. The Group is increasing its share of the world market at an interesting pace.

The investigator performed a remote desktop session and performed a mundane nmap scan on the TV to find out what had gone wrong in the box.'s-Largest Android TVs.png

When using nmap Android Mobile we usually find 0 open TCP port. But in this case, there are many open gates. Although there are some reasons why television sets should have open ports, some of the above services required a much more detailed examination.

In a remote desktop session, where all URLs were entered manually into an online browser, some pages were empty and empty. This may indicate an API end point. For some pages the browser is simply blocked.

After receiving the rest of the nmap scan, port 7989 displayed error 404. This means the file exists, but we’re not allowed to see it. Http:// did not return the pages in the browser (as shown below).'s-Largest android TVs.png

Port 7989 is not listed as a standard TCP/UDP port by the Internet Assigned Numbers Authority (IANA). This means that most scanners will not pass through this port without scanning all 65,535 ports.

Second, the specific master page is empty. So if enough pages per port are scanned, the time to scan the ports in geometric progression will increase.


The company has identified and accepted the vulnerability and has stated that it has solved the problem. Finally, the investigator performed preliminary tests with the device and no update warning was sent.

You can follow us on Linkedin, Twitter, Facebook to get daily news about cybersecurity and hackers.

Also read

Vulnerability of Sony Smart TVs Detection of WiFi passwords and stored images

The zero-day android’s unparalleled vulnerability allows hackers to gain privileges and control over their device.

Related Tags: