Samsung TVs Reportedly Ship With Major Hacking Flaws
Samsung’s televisions and wearables reportedly have serious vulnerabilities that could allow malicious hackers to remotely take control of them.
Security researchers in Israel have uncovered 40 previously undiscovered vulnerabilities in the operating system running in Samsung’s line of smart televisions, smartwatches, and even mobile phones, which could give hackers easy access to the devices, Motherboard is reporting after discussing the findings with the researchers. Tens of millions of electronics could be at risk, security researcher Amihai Neiderman told Motherboard.
The security flaws are living inside Tizen, an operating system Samsung (SSNLF) has been developing over the last several years that runs on the company’s televisions, smartwatches, and some low-powered mobile devices. Hackers with knowledge of the vulnerabilities can be half a world away but connect over the Internet to a Samsung television or wearable, and assume complete control over the device.
Get Data Sheet, Fortune’s technology newsletter
Tizen is an operating system designed for a multitude of device types. And years ago, companies that make up the Tizen Association, which backs the operating system development, had hoped to deliver it as an alternative to Google’s (GOOGL) Android. However, Tizen has struggled to gain traction in the competitive mobile market, and Samsung has instead decided to bundle the operating system into home products and wearables instead of smartphones and tablets.
While Tizen holds an exceedingly small slice of the market compared to Android, it’s believed to be running on at least 30 million Samsung televisions, alone. Samsung has also said it plans to expand Tizen’s presence as part of a broader smart home push and bundle it with washing machines and refrigerators.
Neiderman didn’t say if hackers have been exploiting some of the flaws built into Tizen, and he has only been analyzing the software for the past eight months. He believes that many of the 40 flaws—called zero day exploits because there are no fixes and hackers could take advantage of them right now—were caused by Samsung coding errors that were never discovered in product testing.
The security researcher told Motherboard that he has been discussing the flaws with Samsung, though the company hasn’t said when—or even if—it might offer a fix.
Samsung did not immediately respond to a Fortune request for comment.