Abusing Samsung KNOX to remotely install a malicious application: story of a half patched vulnerability

We explain a vulnerability found when the Samsung Galaxy S5 was released and patched recently by Samsung. It allows a remote attacker to install an arbitrary application by using an unsecure update mechanism implemented in the UniversalMDMClient application related to the Samsung KNOX security solution. The vulnerability has been patched on the Samsung Galaxy S5 but also Note 4 and Alpha. Yet the Samsung Galaxy S4, Note3 and Ace 4 (and possibly others) are still vulnerable.



Author: WhiteHat News Admin

Share This Post On