Tizen Zero-Days: Samsung Operating System Prone To Attacks, According To Security Experts
Tizen, the operating system that runs on Samsung’s connected devices like televisions and smartwatches, is plagued by a number of dangerous security vulnerabilities, according to a report from Motherboard.
Amihai Neiderman, the head of security research at Equus Software in Israel, reported Samsung’s in-house operating system suffers from more than 40 zero-day exploits—vulnerabilities that have not yet been disclosed or patched by Samsung.
Read: Samsung Opens Tizen Mobile App Incentive Program Ahead Of Release Of New Tizen Smartphones
The attacks on the open source OS can all be carried out remotely, meaning potential hackers wouldn’t need to physically come in contact with the device to compromise it. Once in the system, a hacker would be able to execute code on the device to compromise it further.
Perhaps the most egregious vulnerability of the bunch involves TizenStore—the Samsung equivalent to the Google Play Store on Android or App Store on iOS. A flaw in its design would allow a bad actor to hijack the software and spread malicious code to other Tizen-powered devices like Smart TVs.
This presents a considerable problem for those who have devices in their homes that run Tizen, which is no small pool of people. More than 30 million devices run Tizen, including Samsung’s smart TVs, its Galaxy Gear smartwatch line and some phones in countries like Russia, Bangladesh and India.
Samsung is committed to the operating system, marking its intention to have 10 million smartphones running Tizen in the wild by year’s end after selling three million smartphones powered by the OS in 2016.
For a period of time, Samsung was considering replacing Android with Tizen on its flagship handsets like the Galaxy Note and Galaxy S series. While it still counts primarily upon Android for smartphones, Samsung announced earlier this year that it would use Tizen to power smart devices including washing machines and refrigerators.
Read: Samsung To Launch Tizen-Powered Z2 Smartphone
“Samsung Electronics takes security and privacy very seriously. We regularly check our systems and if at any time there is a credible potential vulnerability, we act promptly to investigate and resolve the issue,” a spokesperson for Samsung told International Business Time.
The company said it provides regular software updates to protect against vulnerabilities and to safeguard its products. “We are fully committed to cooperating with Mr. Neiderman to mitigate any potential vulnerabilities. Through our SmartTV Bug Bounty program, Samsung is committed to working with security experts around the world to mitigate any security risks,” the spokesperson said.”
Neiderman intends to reveal the full extent of Tizen’s vulnerabilities at the Security Analyst Summit hosted by Kaspersky Lab in St. Maarten on Monday.
© Copyright IBTimes 2024. All rights reserved.