CVE-2023-29736

9.8 CRITICAL

📋 TL;DR

Keyboard Themes 1.275.1.164 for Android contains a path traversal vulnerability that allows unauthorized apps to write arbitrary files to its internal storage. This can lead to arbitrary code execution with the app's permissions. Only users of this specific Android keyboard theme app version are affected.

💻 Affected Systems

Products:
  • Keyboard Themes
Versions: 1.275.1.164
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects this specific version of the Keyboard Themes app on Android devices.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete device compromise through arbitrary code execution, potentially allowing data theft, surveillance, or ransomware deployment.

🟠 Likely Case: Malicious app could overwrite configuration files to inject malicious code, leading to privilege escalation and data exfiltration.

🟢 If Mitigated: With proper app sandboxing and security controls, impact limited to the app's own data and permissions.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires a malicious app to be installed on the same device. The vulnerability is well-documented in public repositories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to latest version from Google Play Store

Vendor Advisory: https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29736/CVE%20detail.md

Restart Required: Yes

Instructions:

1. Open Google Play Store
2. Search for 'Keyboard Themes'
3. If an update is available, tap 'Update'
4. Restart device after update completes

🔧 Temporary Workarounds

Uninstall vulnerable app

Remove the vulnerable Keyboard Themes app completely

adb uninstall com.keyboard.themes.package

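Disable app permissions

Revoke all permissions from the Keyboard Themes app. pm revoke takes one permission name per call and does not accept wildcards, so run it once for each granted runtime permission:

adb shell pm revoke com.keyboard.themes.package <PERMISSION_NAME>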

🧯 If You Can't Patch

  • Uninstall Keyboard Themes app immediately
  • Use alternative keyboard apps from trusted developers
  • Enable Google Play Protect and keep it updated

🔍 How to Verify

Check if Vulnerable:

Check the app version in Settings > Apps > Keyboard Themes > App info. Version 1.275.1.164 is the affected release.

Check Version:

adb shell dumpsys package com.keyboard.themes.package | grep versionName

Verify Fix Applied:

Verify app version is no longer 1.275.1.164 after update
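
The version check above as a reusable script (an added example, not part of the advisory): it parses dumpsys output and separates the affected version from other versions and from devices where the app is absent. The package name is the one used in this page's adb commands and is an assumption to confirm on the device; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the advisory. PKG is the package name that appears in
# this page's adb commands (assumption: confirm the real id on the device).
PKG="com.keyboard.themes.package"
VULN_VERSION="1.275.1.164"

# Constructed sample of `dumpsys package` output, for offline runs.
SAMPLE_DUMPSYS='Packages:
  Package [com.keyboard.themes.package] (constructed):
    versionCode=1 minSdk=21 targetSdk=30
    versionName=1.275.1.164'

# classify_dumpsys: reads dumpsys output on stdin and prints one of
#   vulnerable      a versionName line equals VULN_VERSION exactly
#   not-vulnerable  versionName present, none equals VULN_VERSION
#   not-installed   no versionName line (package absent from the device)
classify_dumpsys() {
    # Strip CRs that adb shell may append, then extract every versionName value.
    versions=$(tr -d '\r' | sed -n 's/^[[:space:]]*versionName=//p')
    if [ -z "$versions" ]; then
        echo "not-installed"
    elif printf '%s\n' "$versions" | grep -Fxq "$VULN_VERSION"; then
        # -x forces a whole-line match, so 1.275.1.1640 is not flagged.
        echo "vulnerable"
    else
        echo "not-vulnerable"
    fi
}

# check_device [SERIAL]: classify one attached device; nonzero exit if vulnerable.
check_device() {
    if [ -n "$1" ]; then
        status=$(adb -s "$1" shell dumpsys package "$PKG" | classify_dumpsys)
    else
        status=$(adb shell dumpsys package "$PKG" | classify_dumpsys)
    fi
    echo "${1:-default}: $status"
    [ "$status" != "vulnerable" ]
}
```

Call check_device once per handset, optionally with a device serial; classify_dumpsys also accepts saved dumpsys output on stdin.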

📡 Detection & Monitoring

Log Indicators:

  • Unusual file write operations in Keyboard Themes app directory
  • Permission escalation attempts from keyboard app

Network Indicators:

  • Unexpected network connections originating from keyboard app

SIEM Query:

source="android_logs" app="Keyboard Themes" (event="file_write" OR event="permission_change")
