Various security vulnerabilities have been identified in Fire TV Devices including the Fire TV Stick 3rd Gen which is one of the most popular streaming devices available today.
Bitdefender, a well-known cybersecurity firm, first recognized these vulnerabilities in early May of this year with a coordinated disclosure.
The company performs regulatory audits of various IoT hardware for vulnerabilities and this includes Fire TV devices.
The issues were discovered in December of 2022 and relayed to Amazon that same month.
Amazon worked closely with Bitdefender to determine the issue and ultimately find a resolution.
The vulnerabilities identified affected two Fire TV devices, and more specifically, two different Fire OS Software versions.
- Insignia Fire TV with versions of Fire OS before 220.127.116.11
- Firestick 3rd Gen with versions of Fire OS before 18.104.22.168
This is the first time we have seen Amazon being transparent about vulnerabilities but it is likely not the first time these devices have encountered such issues.
This is one of the main reasons it is important to keep your device up to date and always run a VPN for complete security and anonymity.
The vulnerabilities discovered by Bitdefender included the following:
- Unauthorized authentication through local network PIN brute forcing. This vulnerability was caused by improper implementation of the Password Authenticated Key Exchange by Juggling (or J-PAKE) protocol that could have resulted in attackers gaining control of the device.
- A vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible.
It is important to note that different Fire TV devices have different version numbers so make sure to check your device version within settings.
You can easily locate the Fire OS software version on your Fire TV device by clicking Settings > My Fire TV > About > Fire TV.
In order to ensure your device does not have security vulnerabilities, we suggest updating your Firestick or Fire TV device to the most recent software version which has patched these issues.
You can do so by following our step-by-step guide below.
For the latest news and tutorials in the streaming and tech world, be sure to sign up for the TROYPOINT Advisor with updates weekly.
This Advisor provides all the best tips, reviews, and guides to get the most out of your favorite streaming devices. Click the link below for your TROYPOINT Advisor Subscription:
This page includes affiliate links where TROYPOINT may receive a commission at no extra cost to you. Many times, you will receive a discount due to the special arrangements made for our visitors. I will never promote something that I personally don’t use or recommend. Purchasing through my links directly supports TROYPOINT which keeps the content and tools coming. Thank you!