Sign-up

ID

VAR-201506-0113


CVE

CVE-2015-2865


TITLE

Samsung Galaxy S phones fail to properly validate SwiftKey language pack updates

Trust: 0.8

sources: CERT/CC: VU#155412

DESCRIPTION

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-4640, CVE-2015-4641. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2015-4640 and CVE-2015-4641 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage. ** Delete ** This case CVE-2015-4640 and CWE-2015-4641 It was deleted after being divided into. CVE-2015-4640 and CWE-2015-4641 Please refer to. Samsung Galaxy S Pre-installed on the Swiftkey SDK There is a vulnerability in the keyboard function using, which does not correctly verify language pack updates. Inadequate verification of data reliability (CWE-345) - CVE-2015-2865 Samsung Galaxy S In Swiftkey SDK The keyboard function using is preinstalled. This keyboard function Samsung It is signed and operates with system privileges. This keyboard function regularly checks for language pack updates, HTTP Is done via. If the contents of communication are altered by a man-in-the-middle attack, there is a possibility that it may be abused to write arbitrary data to the device. CWE-345: Insufficient Verification of Data Authenticity http://cwe.mitre.org/data/definitions/345.htmlIntermediary by a remote third party (man-in-the-middle) An arbitrary data may be written to the device by the attack. However, Swiftkey Considering the frequency of update checks by, it is unlikely that such an attack is possible. Samsung Galaxy is Samsung's mid- to high-end smartphone product line. To the affected device. Samsung Galaxy S Phones are prone to a security-bypass vulnerability. Other attacks are also possible. Note: This BID is being retired as CVE-2015-2865 (Samsung Galaxy S Phones CVE-2015-2865 Man in The Middle Security Bypass Vulnerability) is rejected and split into two issues. The following individual records exist to better document the issues: 75347 SwiftKey CVE-2015-4640 Man in The Middle Security Bypass Vulnerability 75353 SwiftKey CVE-2015-4641 Directory Traversal Vulnerability

Trust: 3.15

sources: NVD: CVE-2015-2865 // CERT/CC: VU#155412 // JVNDB: JVNDB-2015-003171 // CNVD: CNVD-2015-03953 // BID: 75229

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-03953

AFFECTED PRODUCTS

vendor:samsungmodel: - scope: - version: -

Trust: 0.8

vendor:samsungmodel:galaxy s4scope: - version: -

Trust: 0.8

vendor:samsungmodel:galaxy s4 miniscope: - version: -

Trust: 0.8

vendor:samsungmodel:galaxy s5scope: - version: -

Trust: 0.8

vendor:samsungmodel:galaxy s6scope: - version: -

Trust: 0.8

vendor:samsungmodel:galaxy s phonesscope: - version: -

Trust: 0.6

sources: CERT/CC: VU#155412 // CNVD: CNVD-2015-03953 // JVNDB: JVNDB-2015-003171

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2015-03953
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2015-03953
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:C/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2015-03953

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201506-449

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201506-449

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-003171

PATCH
title:Information Regarding the Keyboard Security Issue and Our Device Policy Updateurl:http://global.samsungtomorrow.com/information-regarding-the-keyboard-security-issue-and-our-device-policy-update/
Trust: 0.8
title:Is my Samsung device open to a security hack or vulnerability through the keyboard?url:https://support.swiftkey.com/hc/en-us/articles/203483421
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-003171

EXTERNAL IDS
db:NVDid:CVE-2015-2865
Trust: 3.0
db:CERT/CCid:VU#155412
Trust: 2.2
db:BIDid:75229
Trust: 1.5
db:JVNid:JVNVU94598171
Trust: 0.8
db:JVNDBid:JVNDB-2015-003171
Trust: 0.8
db:CNVDid:CNVD-2015-03953
Trust: 0.6
db:CNNVDid:CNNVD-201506-449
Trust: 0.6
sources:
            
            
            CERT/CC: VU#155412 // 
            
            
            
            CNVD: CNVD-2015-03953 // 
            
            
            
            BID: 75229 // 
            
            
            
            JVNDB: JVNDB-2015-003171 // 
            
            
            
            CNNVD: CNNVD-201506-449 // 
            
            
            
            NVD: CVE-2015-2865

REFERENCES
url:http://www.kb.cert.org/vuls/id/155412
Trust: 1.4
url:https://www.nowsecure.com/blog/2015/06/23/on-detecting-and-preventing-the-samsung-ime-keyboard-swiftkey-language-pack-update-vulnerability/
Trust: 0.8
url:https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/
Trust: 0.8
url:http://global.samsungtomorrow.com/information-regarding-the-keyboard-security-issue-and-our-device-policy-update/
Trust: 0.8
url:http://swiftkey.com/en/blog/samsung-keyboard-security-vulnerability-swiftkey/
Trust: 0.8
url:http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/
Trust: 0.8
url:https://www.blackhat.com/ldn-15/summit.html#abusing-android-apps-and-gaining-remote-code-execution
Trust: 0.8
url:http://cwe.mitre.org/data/definitions/300.html
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2865
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94598171/index.html
Trust: 0.8
url:http://www.securityfocus.com/bid/75229
Trust: 0.6
url:http://www.samsung.com/
Trust: 0.3
sources:
            
            
            CERT/CC: VU#155412 // 
            
            
            
            CNVD: CNVD-2015-03953 // 
            
            
            
            BID: 75229 // 
            
            
            
            JVNDB: JVNDB-2015-003171 // 
            
            
            
            CNNVD: CNNVD-201506-449

CREDITS
Ted Eull of NowSecure
Trust: 0.9
sources:
            
            
            BID: 75229 // 
            
            
            
            CNNVD: CNNVD-201506-449

SOURCES
db:CERT/CCid:VU#155412
db:CNVDid:CNVD-2015-03953
db:BIDid:75229
db:JVNDBid:JVNDB-2015-003171
db:CNNVDid:CNNVD-201506-449
db:NVDid:CVE-2015-2865

LAST UPDATE DATE
2024-08-14T13:34:00.661000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#155412date:2015-06-25T00:00:00
db:CNVDid:CNVD-2015-03953date:2015-06-25T00:00:00
db:BIDid:75229date:2015-07-15T00:41:00
db:JVNDBid:JVNDB-2015-003171date:2015-06-22T00:00:00
db:CNNVDid:CNNVD-201506-449date:2015-06-24T00:00:00
db:NVDid:CVE-2015-2865date:2023-11-07T02:25:26.910

SOURCES RELEASE DATE
db:CERT/CCid:VU#155412date:2015-06-16T00:00:00
db:CNVDid:CNVD-2015-03953date:2015-06-25T00:00:00
db:BIDid:75229date:2015-06-17T00:00:00
db:JVNDBid:JVNDB-2015-003171date:2015-06-18T00:00:00
db:CNNVDid:CNNVD-201506-449date:2015-06-24T00:00:00
db:NVDid:CVE-2015-2865date:2015-06-19T14:59:01.287