Security Updates

  • Samsung Visual Display is releasing Security Vulnerability Patch (SVP).

    Note: If your TV uses the default update settings, the latest firmware will have been automatically installed. Also, you can download new version of firmware on https://www.samsung.com.
    • How to check update setting: [Menu] -> [Support] ->[Software Update] -> Auto Update=ON.
    • How to check Software Name: [Menu] -> [Support] ->[About This TV].
    • Delivery time of security patches may vary depending on the regions and models.
    • VR-T-000168, VR-T-000169
      • Weakness: Type confusion vulnerabilities exist in V8.
      • Patch information: The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
    • VR-T-000021
      • Weakness: Out-of-bounds access vulnerabilities exist in V8.
      • The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-R-000128
      • Weakness: A vulnerability on JS API allows a attacker to read arbitrary files within the system.
      • Patch information: The patch adds proper permission check.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-T-000036, VR-T-000037
      • Weakness: Out-of-bounds access vulnerabilities exist in kernel driver.
      • Patch information: The patch deletes unused functions.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-T-000024
      • Weakness: Vulnerabilities allow unauthorized users to control the application.
      • Patch information: The patch adds proper check.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • VR-T-000036, VR-T-000037
      • Weakness: Out-of-bounds access vulnerabilities exist in kernel driver.
      • Patch information: The patch deletes unused functions.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)

      VR-T-000024
      • Weakness: Vulnerabilities allow unauthorized users to control the application.
      • Patch information: The patch adds proper check.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)

    • VR-T-000021
      • Weakness: Out-of-bounds access vulnerabilities exist in V8.
      • Patch information: The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-R-000078, VR-R-000085, VR-R-000086
      • Weakness: Possible heap overflow vulnerabilities exist in the drm driver.
      • Patch information: The patch adds the proper validation of the parameter.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-R-000109
      • Weakness: A possible memory leak vulnerability exists in FreeRDP.
      • Patch information: Official patches will be applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000128
      • Weakness: A vulnerability on JS API allows a attacker to read arbitrary files within the system.
      • Patch information: The patch adds proper permission check.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • VR-N-000072
      • Weakness: Double free vulnerability exists in Linux Kernel.
      • Patch information: Official patches have applied .
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

    • VR-R-000052, VR-R-000055
      • Weakness: Type confusion vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000054
      • Weakness: An improper verification of return value in V8 could lead to object corruption.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000057, VR-R-000061
      • Weakness: Integer overflow vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-R-000058, VR-R-000059, VR-R-000060
      • Weakness: Out-of-bounds access vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000070
      • Weakness: Type confusion vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • VR-R-000017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 15 year models (T-HKPAKUC, T-HKMFAKUC, T-HKPDEUC, T-HKMFDEUC, T-HKPUABC, T-HKMFUABC, T-HKPDCNC, T-HKMAKUC, T-HKM6AKUC, T-HKMDEUC, T-HKM6DEUC, T-HKMUABC, T-HKM6UABC, T-HKMDCNC, T-HKM6DCNC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC)

      VR-N-000072
      • Weakness: Double free vulnerability exists in Linux Kernel.
      • Patch information: Official patches have applied.
      • Update Models: 15 year models (T-HKPAKUC, T-HKMFAKUC, T-HKPDEUC, T-HKMFDEUC, T-HKPUABC, T-HKMFUABC, T-HKPDCNC, T-HKMAKUC, T-HKM6AKUC, T-HKMDEUC, T-HKM6DEUC, T-HKMUABC, T-HKM6UABC, T-HKMDCNC, T-HKM6DCNC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC)

    • VR-M-000246
      • Weakness: Ginga-NCL application with malicious Lua code allow remote code execution.
      • Patch information: The patch prevents lua bytecode execution.
      • Update Models: 18 year models only ISDB (T-KTM2UABC, T-KTM2LUABC, T-KTSUUABC, T-KTSNUABC), 17 year models only ISDB (T-KTMUABC, T-KTSUABC)

      VR-R-000032
      • Weakness: Use-After-Free vulnerability exists in Linux kernel.
      • Patch information: Official patches have applied.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-R-000020
      • Weakness: Integer overflow vulnerability in SQLite could allow remote attackers to execute arbitrary code.
      • Patch information: Official patches have applied.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-R-000070
      • Weakness: Type confusion in V8.
      • Patch information: Official patches have applied.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-R-000017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • VR-R-000017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

    • VR-R-000019
      • Weakness: Type confusion vulnerability in V8 could allow a remote attacker to potentially exploit heap corruption.
      • Patch information: Official patches have applied
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-R-000020
      • Weakness: Integer overflow vulnerability in SQLite could allow remote attackers to execute arbitrary code.
      • Patch information: Official patches have applied
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-R-000027
      • Weakness: Use-After-Free vulnerability in FileReader could allow a remote attacker to potentially perform out of bounds memory access.
      • Patch information: Official patches have applied
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000032
      • Weakness: Use-After-Free vulnerability exists in Linux kernel.
      • Patch information: Official patches have applied
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • VR-R-000022
      • Weakness: A possible Integer Truncation in FreeRDP could lead to a Heap-Based Buffer Overflow.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000023
      • Weakness: A possible Integer Overflow in FreeRDP could lead to a Heap-Based Buffer Overflow.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000024
      • Weakness: A possible several Out-Of-Bounds Read vulnerabilities in FreeRDP NTLM Authentication module.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      VR-R-000017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • VR-R-000022
      • Weakness: Symlink race vulnerability on auto start script could lead to privilege escalation.
      • Patch information: The patch add proper validation logic for file type.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • VR-N-000056
      • Weakness: Malicious cloud apps could be launched through Smartview websocket API.
      • Patch information: The patch removes unused code.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC ), 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-N-000036
      • Weakness: Use-after-free vulnerability exist in webkit.
      • Patch information: The official patch addressed the issue.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC), 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-N-000072
      • Weakness: Double-free vulnerability exist in Linux kernel.
      • Patch information: The official patch addressed the issue.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC), 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • VR-N-000016
      • Weakness: A possible command Injection vulnerability exists on sdbd.
      • Patch information: The patch adds the proper validation logic.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-N-000017, VR-N-000019
      • Weakness: A possible buffer overflow and memory leak vulnerabilities exist on sdbd.
      • Patch information: The patch adds proper validation logic and pointer handling.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-N-000027, VR-N-000028, VR-N-000032
      • Weakness: A possible remote control attack when a desktop or mobile device in the same network with TV accesses a malicious phishing site.
      • Patch information: The patch enhances the CORS rule and adds authentication and encryption on remote control API.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-K-000069, VR-M-000272
      • Weakness: Improper permission for files within USB driver could lead to privilege escalation.
      • Patch information: The patch adds several options when mounting usb driver.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-M-000219
      • Weakness: Command injection when calling the dbus method could cause privilege escalation.
      • Patch information: The patch adds the proper validation logic.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • VR-K-000069, VR-M-000272
      • Weakness : Improper permission for files within USB driver could lead to privilege escalation.
      • Patch information : The patch adds several options when mounting usb driver.
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-M-000219
      • Weakness : Command injection when calling the dbus method could cause privilege escalation.
      • Patch information : The patch adds the proper validation logic.
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-M-000075, VR-M-000281, VR-M-000282
      • Weakness : Malicious cloud apps could be launched through Smartview API
      • Patch information : The patch adds proper validation logic
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-M-000116
      • Weakness : A vulnerability on webkit can lead to memory corruption.
      • Patch information : The patch adds exception handling.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-M-000163
      • Weakness : XML External Entity Injection on a web application.
      • Patch information : The patch disables the external entity.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-M-000136
      • Weakness : A vulnerability in tzdemuxerservice caused memory corruption in TrustZone.
      • Patch information : The patch adds the proper validation of the parameter.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-M-000257
      • Weakness : Unauthorized contents can be played in a special case.
      • Patch information : The patch adds proper session management.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      VR-N-000043
      • Weakness : The privacy issue of the Login with Facebook.
      • Patch information : The patch remove the 'Login with Facebook' function.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

    • VR-N-000027, VR-N-000028, VR-N-000032
      • Weakness : A possible remote control attack when a desktop or mobile device in the same network with TV accesses a malicious phishing site.
      • Patch information : The patch enhances the CORS rule and adds authentication and encryption on remote control API.
      • Update Models : 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      VR-N-000043
      • Weakness : The privacy issue of the Login with Facebook.
      • Patch information : The patch remove the 'Login with Facebook' function.
      • Update Models : 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC), 17 year products (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-M-000163
      • Weakness : XML External Entity Injection on a web application could allow a attacker to read arbitrary files within the system.
      • Patch information : The patch disables the external entity.
      • Update Models : 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      VR-M-000136
      • Weakness : A vulnerability in tzdemuxerservice could cause memory corruption in TrustZone.
      • Patch information : The patch adds the proper validation of the parameter.
      • Update Models : 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • VR-M-000250
      • Weakness : A possible replay attack on a WPA2-enabled network.
      • Patch information : The official patch addressed the issue.
      • Update Models : 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)