More Than 600 Million Samsung Devices Have Vulnerability In The Keyboard

Mobile security researcher from NowSecure have founded that more than 600 million Samsung devices are vulnerable to remote code execution vulnerability in the Samsung keyboard.

According to NowSecure Samsung stock keyboard using the SwiftKey SDK which allows hackers to access sensors on the device, microphone, GPS, pictures, camera and even messages.

This vulnerable allows hackers to download and install malicious app on the device without requiring the user’s permission and can even track incoming and out messages and calls.

Samsung and the Android security was notified last year about CVE-2015-2865. Patches are available to download since 2015 but there is no proper count on how many devices are updated. Since the Samsung stock keyboard comes default on all Samsung devices and cannot be uninstalled.

According to Official support forum, “We’ve seen reports of a security issue related to the Samsung stock keyboard that uses the SwiftKey SDK. We can confirm that the SwiftKey Keyboard apps available via Google Play or the Apple App Store are not affected by this vulnerability. We take reports of this manner very seriously and are currently investigating further.” said by SwiftKey team

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Microsoft Fixed 100+ Vulnerabilities With October Patch Tuesday

1 comment

Anonymous August 29, 2015 - 7:56 am
Can you create a button " save for offline reading" on this app? Thanks.

Comments are closed.

Add Comment