Last updated: April 3rd, 2017 at 23:33 UTC+02:00
After it came to light last month that the CIA could hack Tizen-powered Samsung smart TVs, Israeli security researcher Amihai Neiderman has found 40 zero-day vulnerabilities in Tizen's code base. These vulnerabilities would allow someone to remotely hack a Tizen-powered device. Moreover, unlike the CIA hack, the newly found vulnerabilities allow remote code execution and do not require physical access to the device.
“It may be the worst code I've ever seen. Everything you can do wrong there, they do it. You can see that nobody with any understanding of security looked at this code or wrote it. It's like taking an undergraduate and letting him program your software.”
Of all the vulnerabilities, Neiderman singled out one design flaw in the Tizen Store, which is said to be critical. According to Neiderman, this vulnerability allowed him to hijack the software to deliver malicious code to his Samsung TV. Since the Tizen Store has the highest privileges, control of it is a Holy Grail for an attacker.
Amihai Neiderman, who heads research at Equus Software, first started studying Tizen's security issues when he purchased a Tizen-powered Samsung smart TV. Once he found out how badly written his TV's code was, he bought a bunch of smartphones to test Tizen. He says that a lot of Tizen's code base is old and borrowed from Bada OS, but most of the vulnerabilities he found were in code written within the last two years.
“You can see that they took all this code and tried to push it into Tizen,” Neiderman says.
Samsung says that it is now in contact with Neiderman to fix all the vulnerabilities and security issues in Tizen's code. Neiderman also suggests that Samsung should reconsider deploying Tizen on phones before doing a major overhaul of the code.
Asif is a computer engineer turned technology journalist. He has been using Samsung phones since 2004, and his current smartphone is the Galaxy S21 Ultra. He loves headphones, mechanical keyboards, and PC hardware. When not writing about technology, he likes watching crime and science fiction movies and TV shows.