Knox Security Vulnerabilities and Issues — Knox CVE List

Lucene search

SamsungKnox

3 matches found

CVE•added 2017/01/27 8:59 p.m.•46 views

CVE-2016-1919

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.

4.7CVSS4.4AI score0.00066EPSS

CVE•added 2017/01/27 8:59 p.m.•38 views

CVE-2016-1920

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.

5.5CVSS5.3AI score0.00115EPSS

CVE•added 2017/01/27 8:59 p.m.•37 views

CVE-2016-3996

ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.

5.5CVSS5.1AI score0.00201EPSS