CVE-2023-42579 Information

Description

Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11 5.4.60.49 5.4.85.5 5.5.00.58 in Android 12 and 5.6.00.52 5.6.10.42 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack.

Reference

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12