cve/2023/CVE-2023-42579.md

### [CVE-2023-42579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42579)
![](https://img.shields.io/static/v1?label=Product&message=Samsung%20Keyboard&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-319%3A%20Cleartext%20Transmission%20of%20Sensitive%20Information&color=brighgreen)

### Description

Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/h7ml/h7ml
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-42579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42579)`
			`![](https://img.shields.io/static/v1?label=Product&message=Samsung%20Keyboard&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-319%3A%20Cleartext%20Transmission%20of%20Sensitive%20Information&color=brighgreen)`

			`### Description`

			`Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/h7ml/h7ml`