Friday December 25th

Friday December 18th

Thursday December 3rd

Tuesday December 1st

Monday November 16th

Sunday November 15th

Friday November 6th

Tuesday November 3rd

Wednesday October 14th

1 Kicks

Remote Code Execution as System User on Samsung Phones

The Swift keyboard comes pre-installed on Samsung devices and cannot be disabled or uninstalled. Even when it is not used as the default keyboard, it can still be exploited. On Samsung devices, the keyboard was built around the Swift SDK. This makes the Samsung keyboard application (named SamsungIME) distinctly different from the Swift keyboard in the Play store. The verison of the keyboard in the Play store is also susceptible to an remote arbitrary file write, but as it does not run as a privledged user we cannot use the same attack vector.

0 comments

Commenting on Stories is limited for now and will open up to those recommended by the community. Learn how
Loading InfoSecKicks...
brought to you by the Kicks Network