Samsung Galaxy S Remote Code Execution Vulnerability (CVE-2015-2865)

Samsung Galaxy S Remote Code Execution Vulnerability (CVE-2015-2865)
Samsung Galaxy S Remote Code Execution Vulnerability (CVE-2015-2865)

Release date:
Updated on:

Affected Systems:

Samsung Galaxy

Description:

CVE (CAN) ID: CVE-2015-2865

Samsung Galaxy is a Samsung high-end smartphone product. Swiftkey keyboard is a keyboard application pre-installed on the Galaxy S Mobile Phone series and operated with system permissions.

Samsung Galaxy S phones, including S4 Mini, S4, S5, and S6, do not verify the update of the Swiftkey Language Pack. By default, Swiftkey will pass the HTTP periodic check Language Pack Update and intercept such requests, modify required fields. unauthenticated remote attackers can perform man-in-the-middle attacks, write arbitrary data to affected devices, and secretly monitor users' cameras, text messages, and install malicious programs.

<* Source: Ryan Welton
Ted Eull

Link: https://www.kb.cert.org/vuls/id/155412
*>

Suggestion:

Vendor patch:

Samsung
-------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://www.samsung.com/

Refer:

Https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/
Http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/
Https://www.blackhat.com/ldn-15/summit.html#abusing-android-apps-and-gaining-remote-code-execution
Http://cwe.mitre.org/data/definitions/300.html

This article permanently updates the link address: