A man-in-the-middle attack has left Vizio TV owners compromised after smart TVs made by the company were found to be broadcasting their viewing habits. This was due to the device not validating the HTTPS certificates of the servers it was connecting to. The TV actually accepted self-signed forged certificates.
The sharing of data was in contravention of privacy policies that owners had subscribed to. Researchers from Avast found further footholds that attacks could use to exploit the device.