Samsung KnoxCustomManagerService Access Control Error Vulnerability

Samsung KnoxCustomManagerService is an open source Android platform-based security solution from South Korea’s Samsung (Samsung) that can enhance security across the board through a combination of physical means and software systems, while being perfectly compatible with the Android and Google ecosystem, bringing industry-leading security to enterprises and individual employees. An access control error vulnerability exists in Samsung KnoxCustomManagerService, which stems from the lack of protection of broadcast intent in KnoxCustomManagerService. An attacker could use the vulnerability to invoke PowerManaer.goToSleep by sending a broadcast intent.