CVE-2015-4640 : The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini,

The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. NOTE: CVE-2015-4640 exploitation can be combined with CVE-2015-4641 exploitation for man-in-the-middle code execution.

Published 2015-06-19 14:59:01

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2015-4640

Swiftkey » Swiftkey Sdk
cpe:2.3:a:swiftkey:swiftkey_sdk:*:*:*:*:*:*:*:*
Matching versions
When used together with: Samsung » Galaxy S4
When used together with: Samsung » Galaxy S4 Mini
When used together with: Samsung » Galaxy S5
When used together with: Samsung » Galaxy S6

Exploit prediction scoring system (EPSS) score for CVE-2015-4640

EPSS FAQ

0.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 39 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-4640

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.9	LOW	AV:A/AC:M/Au:N/C:N/I:P/A:N	5.5	2.9	NIST
Access Vector: Adjacent Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2015-4640

CWE-254

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-4640

https://www.nowsecure.com/keyboard-vulnerability/

Samsung Keyboard Security Risk Disclosed: Over 600M+ Devices Worldwide Impacted - NowSecure
Exploit

CVEs referencing this url
https://github.com/nowsecure/samsung-ime-rce-poc/

GitHub - nowsecure/samsung-ime-rce-poc: Samsung Remote Code Execution as System User
Exploit

CVEs referencing this url
http://www.kb.cert.org/vuls/id/155412

VU#155412 - Samsung Galaxy S phones fail to properly validate SwiftKey language pack updates
Third Party Advisory;US Government Resource

CVEs referencing this url
http://www.securityfocus.com/bid/75347

SwiftKey CVE-2015-4640 Man in The Middle Security Bypass Vulnerability
https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/

Remote Code Execution as System User on Samsung Phones - NowSecure
Exploit

CVEs referencing this url
http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/

New exploit turns Samsung Galaxy phones into remote bugging devices | Ars Technica
Exploit

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-4640

Products affected by CVE-2015-4640

Exploit prediction scoring system (EPSS) score for CVE-2015-4640

CVSS scores for CVE-2015-4640

CWE ids for CVE-2015-4640

References for CVE-2015-4640