" HDMI is used by many display devices as an interface for transmitting high-definition video and audio data. The HDMI usage rate is expected to increase further as many global IT companies such as Samsung, Google, and Apple are joining the HDMI Forum. HDMI is provided for transmitting digital television audiovisual signals from HDMI source device to the HDMI sink device. It delivers not only the audiovisual signal but also controls, status and data information in both directions. Although there is a weakness that HDMI requires a direct line connection, considering the HDMI usage rate of AV devices, the impact of HDMI vulnerability is huge. So we will explain the CEC and DDC protocols that transmit bidirectional data in detail and explain the reason why they are considered as attack vectors. Simply put, CEC protocol is used to control devices connected to HDMI. The DDC protocol is used by the HDMI source device to obtain information about the status and function of the HDMI sink device. In particular, we will talk about the structure of each protocol's messages and how we sent them. After that, we will introduce the fuzzer we made and release the source code of it. There are CEC fuzzer with USB-CEC adapter, DDC fuzzer with our own test cable, and DDC fuzzer of Ubuntu graphics driver. And I will present about the vulnerabilities which we found in the set-top box as a result of our fuzzer, and the crash we got from Windows. If we find something else, we'll disclose it also."