VYPR
Unrated severityNVD Advisory· Published Dec 5, 2023· Updated Aug 2, 2024

CVE-2023-42579

CVE-2023-42579

Description

Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: prior to 5.3.70.1 (Android 11), 5.4.60.49/5.4.85.5/5.5.00.58 (Android 12), 5.6.00.52/5.6.10.42/5.7.00.45 (Android 13)
  • Range: 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.