Home>Security Updates English Português

Security Updates

  • Security Updates for Smart TVs, Smart Monitors, and Audio Products

    Smart TV and monitor products launched from January 2023 will be supported with security updates for 7 years from their initial launch. We will aim to provide additional support for security patches for critical vulnerabilities even after this period, where possible.
    * All other Smart TVs, Smart Monitors, and audio products are guaranteed to receive security updates for 5 years from their initial launch.
  • Samsung Visual Display is releasing Security Vulnerability Patch (SVP).

    Note: If your Smart TV, Audio and Displays use the default update settings, the latest firmware will have been automatically installed. Also, you can download new version of firmware on https://www.samsung.com.
    • How to check update setting: [Menu] -> [Support] ->[Software Update] -> Auto Update=ON.
    • How to check Software Name: [Menu] -> [Support] ->[About This TV].
    • Delivery time of security patches may vary depending on the regions and models.
    • SVE-2025-50124 (CVE-2026-25203)
      • Weakness : Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
      • Patch information : The patch modifies verification logic of the input

    • SVE-2025-50065, SVE-2025-50084 (CVE-2026-25200)
      • Weakness : A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50086, SVE-2025-50089, SVE-2025-50090, SVE-2025-50074, SVE-2025-50075, SVE-2025-50110 (CVE-2026-25201)
      • Weakness : An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50085 (CVE-2026-25202)
      • Weakness : The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server
      • Patch information : Remove hardcoded data

    • SVE-2025-50009, SVE-2025-50017, SVE-2025-50043 (CVE-2025-54438)
      • Weakness : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50010(CVE-2025-54452)
      • Weakness : Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50011, SVE-2025-50018 (CVE-2025-54438)
      • Weakness : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50012, SVE-2025-50014, SVE-2025-50015, SVE-2025-50016, SVE-2025-50030, SVE-2025-50033, SVE-2025-50034, SVE-2025-50035 (CVE-2025-54439)
      • Weakness : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50013(CVE-2025-54445)
      • Weakness : Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50019(CVE-2025-54451)
      • Weakness : Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection
      • Patch information : The patch modifies verification logic of the input

      SVE-2025-50031, SVE-2025-50032 (CVE-2025-54454)
      • Weakness : Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass
      • Patch information : Remove Hard-coded Credentials

    • SVE-2025-50001(CVE-2025-4632)
      • Weakness : Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server allows attackers to write arbitrary file as system authority.
      • Patch information : The patch modifies verification logic of the input.
    • SVE-2024-50018(CVE-2024-7399)
      • Weakness : Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server allows attackers to write arbitrary file as system authority.
      • Patch information : The patch modifies verification logic of the input.
    • SVE-2024-50097
      • Weakness : Memory corruption vulnerability in chromium engine.
      • Patch information : The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        23 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-OSCSAKUC, T-OSCSDEUC, T-OSCSUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        24 year models (T-RSPDAKUC, T-RSPDDEUC, T-RSPDUABC, T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-OSCSAKUC, T-OSCSDEUC, T-OSCSUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-PTMLDAKUC, T-PTMLDDEUC, T-PTMLDUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2023-50069
      • Weakness : Insufficient validation of untrusted XML input in chromium engine.
      • Patch information : The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2022-50113
      • Weakness : Invalidation of anti theft function.
      • Patch information : The patch adds proper reset logic.
      • Update Models: 21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2022-50146, SVE-2022-50147, SVE-2022-50148, SVE-2022-50149, SVE-2022-50150, SVE-2022-50151, SVE-2022-50152
      • Weakness : JIT compiler bug exist in V8.
      • Patch information : The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2023-50021
      • Weakness : TV debug information leak.
      • Patch information : The patch blocks debug information.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        23 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-OSCSAKUC, T-OSCSDEUC, T-OSCSUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)

      SVE-2023-50040
      • Weakness : Secure command leak.
      • Patch information : The patch removes secure command.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        23 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-OSCSAKUC, T-OSCSDEUC, T-OSCSUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2022-50125 (CVE-2022-44636)
      • Weakness : Smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button.
      • Patch information : The patch blocks information transfer without button input.
      • Update Models: 21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2021-50009
      • Weakness : webapis issue for subtitle engine
      • Patch information: The patch removes vulnerable function.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
        22 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-PTMAKUC, T-PTMDEUC, T-PTMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUAB)
    • SVE-2021-50051
      • Weakness : patch v8 engine vulnerabilities
      • Patch information: The patch removes vulnerable function.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)
        20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUABC)

      SVE-2021-50050
      • Weakness : patch driver vulnerability
      • Patch information: The patch adds proper check.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)
        20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUABC)
    • SVE-2020-50136
      • Weakness: Remove vulnerable fuction in nodejs.
      • Patch information: The patch removes vulnerable function.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)
        20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)

      SVE-2021-50001
      • Weakness: buffer overflow patch on tz-playerservice.
      • Patch information: The patch adds proper check.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)
        20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
    • SVE-2021-50015, SVE-2021-50016, SVE-2021-50017
      • Weakness: opensource vulnerability patch.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)
        20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUABC)

      SVE-2020-50175
      • Weakness: Remove vulnerable TVkey code.
      • Patch information: The patch removes vulnerable code.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
        21 year models (T-OSCPAKUC, T-OSCPDEUC, T-OSCPUABC, T-NKM2AKUC, T-NKM2DEUC, T-NKM2UABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KSU2EAKUC, T-KSU2EDEUC, T-KSU2EUABC)
    • SVE-2020-50168, SVE-2020-50169
      • Weakness: Type confusion vulnerabilities exist in V8.
      • Patch information: The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)
    • SVE-2020-50021
      • Weakness: Out-of-bounds access vulnerabilities exist in V8.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2019-50128
      • Weakness: A vulnerability on JS API allows a attacker to read arbitrary files within the system.
      • Patch information: The patch adds proper permission check.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2020-50036, SVE-2020-50037
      • Weakness: Out-of-bounds access vulnerabilities exist in kernel driver.
      • Patch information: The patch deletes unused functions.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2020-50024
      • Weakness: Vulnerabilities allow unauthorized users to control the application.
      • Patch information: The patch adds proper check.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • SVE-2020-50036, SVE-2020-50037
      • Weakness: Out-of-bounds access vulnerabilities exist in kernel driver.
      • Patch information: The patch deletes unused functions.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)

      SVE-2020-50024
      • Weakness: Vulnerabilities allow unauthorized users to control the application.
      • Patch information: The patch adds proper check.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC)

    • SVE-2020-50021
      • Weakness: Out-of-bounds access vulnerabilities exist in V8.
      • Patch information: The official patch addressed the issue.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2019-50078, SVE-2019-50085, SVE-2019-50086
      • Weakness: Possible heap overflow vulnerabilities exist in the drm driver.
      • Patch information: The patch adds the proper validation of the parameter.
      • Update Models: 20 year models (T-NKMAKUC, T-NKMDEUC, T-NKMUABC, T-NKLAKUC, T-NKLDEUC, T-NKLUABC, T-KTS2AKUC, T-KTS2DEUC, T-KTS2UABC, T-KTSU2AKUC, T-KTSU2DEUC, T-KTSU2UABC, T-KTSU2FAKUC, T-KTSU2FDEUC, T-KTSU2FUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2019-50109
      • Weakness: A possible memory leak vulnerability exists in FreeRDP.
      • Patch information: Official patches will be applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50128
      • Weakness: A vulnerability on JS API allows a attacker to read arbitrary files within the system.
      • Patch information: The patch adds proper permission check.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • SVE-2018-50072
      • Weakness: Double free vulnerability exists in Linux Kernel.
      • Patch information: Official patches have applied .
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

    • SVE-2019-50052, SVE-2019-50055
      • Weakness: Type confusion vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50054
      • Weakness: An improper verification of return value in V8 could lead to object corruption.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50057, SVE-2019-50061
      • Weakness: Integer overflow vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2019-50058, SVE-2019-50059, SVE-2019-50060
      • Weakness: Out-of-bounds access vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50070
      • Weakness: Type confusion vulnerabilities exist in V8.
      • Patch information: Official patches have applied.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • SVE-2019-50017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 15 year models (T-HKPAKUC, T-HKMFAKUC, T-HKPDEUC, T-HKMFDEUC, T-HKPUABC, T-HKMFUABC, T-HKPDCNC, T-HKMAKUC, T-HKM6AKUC, T-HKMDEUC, T-HKM6DEUC, T-HKMUABC, T-HKM6UABC, T-HKMDCNC, T-HKM6DCNC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC)

      SVE-2018-50072
      • Weakness: Double free vulnerability exists in Linux Kernel.
      • Patch information: Official patches have applied.
      • Update Models: 15 year models (T-HKPAKUC, T-HKMFAKUC, T-HKPDEUC, T-HKMFDEUC, T-HKPUABC, T-HKMFUABC, T-HKPDCNC, T-HKMAKUC, T-HKM6AKUC, T-HKMDEUC, T-HKM6DEUC, T-HKMUABC, T-HKM6UABC, T-HKMDCNC, T-HKM6DCNC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC, T-HKMDEUC, T-HKM6DEUC, T-HKMFDEUC)

    • SVE-2017-50246
      • Weakness: Ginga-NCL application with malicious Lua code allow remote code execution.
      • Patch information: The patch prevents lua bytecode execution.
      • Update Models: 18 year models only ISDB (T-KTM2UABC, T-KTM2LUABC, T-KTSUUABC, T-KTSNUABC), 17 year models only ISDB (T-KTMUABC, T-KTSUABC)

      SVE-2019-50032
      • Weakness: Use-After-Free vulnerability exists in Linux kernel.
      • Patch information: Official patches have applied.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2019-50020
      • Weakness: Integer overflow vulnerability in SQLite could allow remote attackers to execute arbitrary code.
      • Patch information: Official patches have applied.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2019-50070
      • Weakness: Type confusion in V8.
      • Patch information: Official patches have applied.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2019-50017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • SVE-2019-50017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

    • SVE-2019-50019
      • Weakness: Type confusion vulnerability in V8 could allow a remote attacker to potentially exploit heap corruption.
      • Patch information: Official patches have applied
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2019-50020
      • Weakness: Integer overflow vulnerability in SQLite could allow remote attackers to execute arbitrary code.
      • Patch information: Official patches have applied
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC), 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2019-50027
      • Weakness: Use-After-Free vulnerability in FileReader could allow a remote attacker to potentially perform out of bounds memory access.
      • Patch information: Official patches have applied
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50032
      • Weakness: Use-After-Free vulnerability exists in Linux kernel.
      • Patch information: Official patches have applied
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • SVE-2019-50022
      • Weakness: A possible Integer Truncation in FreeRDP could lead to a Heap-Based Buffer Overflow.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50023
      • Weakness: A possible Integer Overflow in FreeRDP could lead to a Heap-Based Buffer Overflow.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50024
      • Weakness: A possible several Out-Of-Bounds Read vulnerabilities in FreeRDP NTLM Authentication module.
      • Patch information: The official patch addressed the issue.
      • Update Models: 19 year models (T-MSMAKUC, T-MSMDEUC, T-MSMUABC, T-MSLAKUC, T-MSLDEUC, T-MSLUABC, T-KTSRUABC, T-KTSURUABC)

      SVE-2019-50017
      • Weakness: Insufficient permission check in SDB allows unauthorized users to get application`s information.
      • Patch information: Permission check logic for debug commands has improved.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

    • SVE-2019-50022
      • Weakness: Symlink race vulnerability on auto start script could lead to privilege escalation.
      • Patch information: The patch add proper validation logic for file type.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • SVE-2018-50056
      • Weakness: Malicious cloud apps could be launched through Smartview websocket API.
      • Patch information: The patch removes unused code.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC ), 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2018-50036
      • Weakness: Use-after-free vulnerability exist in webkit.
      • Patch information: The official patch addressed the issue.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC), 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2018-50072
      • Weakness: Double-free vulnerability exist in Linux kernel.
      • Patch information: The official patch addressed the issue.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC), 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • SVE-2018-50016
      • Weakness: A possible command Injection vulnerability exists on sdbd.
      • Patch information: The patch adds the proper validation logic.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2018-50017, SVE-2018-50019
      • Weakness: A possible buffer overflow and memory leak vulnerabilities exist on sdbd.
      • Patch information: The patch adds proper validation logic and pointer handling.
      • Update Models: 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2018-50027, SVE-2018-50028, SVE-2018-50032
      • Weakness: A possible remote control attack when a desktop or mobile device in the same network with TV accesses a malicious phishing site.
      • Patch information: The patch enhances the CORS rule and adds authentication and encryption on remote control API.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2016-50069, SVE-2017-50272
      • Weakness: Improper permission for files within USB driver could lead to privilege escalation.
      • Patch information: The patch adds several options when mounting usb driver.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2017-50219
      • Weakness: Command injection when calling the dbus method could cause privilege escalation.
      • Patch information: The patch adds the proper validation logic.
      • Update Models: 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • SVE-2016-50069, SVE-2017-50272
      • Weakness : Improper permission for files within USB driver could lead to privilege escalation.
      • Patch information : The patch adds several options when mounting usb driver.
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2017-50219
      • Weakness : Command injection when calling the dbus method could cause privilege escalation.
      • Patch information : The patch adds the proper validation logic.
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2017-50075, SVE-2017-50281, SVE-2017-50282
      • Weakness : Malicious cloud apps could be launched through Smartview API
      • Patch information : The patch adds proper validation logic
      • Update Models: 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2017-50116
      • Weakness : A vulnerability on webkit can lead to memory corruption.
      • Patch information : The patch adds exception handling.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2017-50163
      • Weakness : XML External Entity Injection on a web application.
      • Patch information : The patch disables the external entity.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2017-50136
      • Weakness : A vulnerability in tzdemuxerservice caused memory corruption in TrustZone.
      • Patch information : The patch adds the proper validation of the parameter.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2017-50257
      • Weakness : Unauthorized contents can be played in a special case.
      • Patch information : The patch adds proper session management.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

      SVE-2018-50043
      • Weakness : The privacy issue of the Login with Facebook.
      • Patch information : The patch remove the 'Login with Facebook' function.
      • Update Models : 16 year models (T-JZMAKUC, T-JZMDEUC, T-JZMUABC, T-JZMDCNC, T-JZL6AKUC, T-JZL6DEUC, T-JZL6UABC, T-JZL6DCNC, T-HKMFKAKUC, T-HKMFKDEUC, T-HKMFKUABC, T-HKMFKDCNC)

    • SVE-2018-50027, SVE-2018-50028, SVE-2018-50032
      • Weakness : A possible remote control attack when a desktop or mobile device in the same network with TV accesses a malicious phishing site.
      • Patch information : The patch enhances the CORS rule and adds authentication and encryption on remote control API.
      • Update Models : 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC)

      SVE-2018-50043
      • Weakness : The privacy issue of the Login with Facebook.
      • Patch information : The patch remove the 'Login with Facebook' function.
      • Update Models : 18 year models (T-KTM2AKUC, T-KTM2DEUC, T-KTM2UABC, T-KTM2DCNC, T-KTM2LAKUC, T-KTM2LDEUC, T-KTM2LUABC, T-KTM2LDCNC, T-KTSUAKUC, T-KTSUDEUC, T-KTSUUABC, T-KTSUDCNC, T-KTSNAKUC, T-KTSNDEUC, T-KTSNUABC), 17 year products (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2017-50163
      • Weakness : XML External Entity Injection on a web application could allow a attacker to read arbitrary files within the system.
      • Patch information : The patch disables the external entity.
      • Update Models : 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

      SVE-2017-50136
      • Weakness : A vulnerability in tzdemuxerservice could cause memory corruption in TrustZone.
      • Patch information : The patch adds the proper validation of the parameter.
      • Update Models : 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)

    • SVE-2017-50250
      • Weakness : A possible replay attack on a WPA2-enabled network.
      • Patch information : The official patch addressed the issue.
      • Update Models : 17 year models (T-KTMAKUC, T-KTMDEUC, T-KTMUABC, T-KTMDCNC, T-KTSAKUC, T-KTSDEUC, T-KTSUABC, T-KTSDCNC)