First published: Fri Jun 19 2015(Updated: )
The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. NOTE: CVE-2015-4640 exploitation can be combined with CVE-2015-4641 exploitation for man-in-the-middle code execution.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SwiftKey | ||
Samsung Galaxy S4 | ||
Samsung Galaxy S4 Mini | ||
Samsung Galaxy S5 | ||
Samsung Galaxy S6 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-4640 is considered a high severity vulnerability due to its potential for remote exploitation.
To mitigate CVE-2015-4640, ensure that your device is updated to the latest firmware which addresses this vulnerability.
CVE-2015-4640 affects Samsung Galaxy S4, S4 Mini, S5, and S6 devices using the SwiftKey SDK.
CVE-2015-4640 can be exploited through man-in-the-middle attacks that modify the HTTP response from the SwiftKey update server.
Exploitation of CVE-2015-4640 can allow attackers to write malicious language-pack files to compromised devices.