AirWatch updates address bypass of root detection and local data encryption

2017-01-30T00:00:00
ID VMSA-2017-0001
Type vmware
Reporter VMware
Modified 2017-01-30T00:00:00

Description

a. Root detection bypass

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.

VMware would like to thank Finn Steglich from SySS GmbH for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4895 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.