If you’ve got a Sony Bravia smart TV and you’ve changed its default settings you may need to upload a firmware update.

You can do this by visiting the Download section of the TV's product page and check it's running the firmware update.

Several bugs have been detected in the following Sony Bravia models:
  • R5C, WD75, WD65, XE70, XF70, WE75, WE6, and WF6 series.

The bugs included a stack buffer overflow, a directory traversal bug, and a command injection flaw.

The command injection flaw is the bug that could lead to remote code execution with root privilege.

This means that if someone is on the same local area network they can remotely take control of the TV.

Please note:
  • Sony Bravia TV owners should have automatically received the firmware updates if they've not changed the TV’s default settings. 
  • By default the affected Bravia TVs are set to automatically receive updates when they connect to the internet. 

Sony did send out the firmware updates to patch these bugs and by far the majority of Bravia smart TV owners should be safe.
 

The bigger issue

Smart TVs though are just part of a growing number of smart connected devices that could give remote attackers a foothold in homes or businesses.

The bigger issue with these Sony Bravia vulnerabilities is just how smart connected devices are rapidly becoming part of the furniture in the home. To its credit Sony is acknowledging and doing something about flaws that are discovered.

Many smart device manufacturers don’t. This has led to, for example, the creation of huge smart device botnets which have been used to take major websites.

But this is only the beginning. Smart device attacks are going to become increasingly common. As such it always pays to keep one eye on the security of smart devices you plan to buy.

In a first of its kind BullGuard Premium Protection has a Home Network Scanner which scans your network 24/7 and every device on it, including smart TV’s, baby monitors, cameras and so on. If any devices are insecure it will let you know.

Check it out here.