Check Point Research experts have found vulnerabilities in the pre-installed virtual keyboard of flagship LG smartphones LGEIME), testing such flagship devices as LG G4, LG G5 and LG G6.
Researchers write that the detected bugs could be used to remotely execute code with elevated privileges on LG mobile devices. With their help, it was possible to use keyboard update processes, use a keylogger, and thus access confidential user data.
The first error was related to the MyScript handwriting function. It turned out that to update the interface language the device connects to an external server through an unprotected HTTP connection, through which it is possible to conduct an attack like “Man in the middle” (MITM). Such an attack allowed downloading a malicious file to the smartphone instead of a legitimate language update.
The second vulnerability was related to the location of the language file. With the help of a directory traversal, the attacker could change the file extension and inject malicious software into the configuration file of the LG keyboard catalog.
LG developers view the detected problems as a single vulnerability with the identifier LVE-SMP-170025. The company has already prepared the fixes and now strongly recommends users to update the OS of G (G5, G6), V (Q10, Q10, V8), X (X300, X400, X500) smartphones.