Man-in-the-Middle Vulnerability in Samsung KNOX for Android Devices
CVE-2016-1920

5.5MEDIUM

Key Information:

Vendor

Samsung
Status
Knox
Vendor
CVE Published:
27 January 2017

What is CVE-2016-1920?

Samsung KNOX 1.0.0 for Android utilizes a shared certificate, which exposes the system to potential man-in-the-middle attacks. Local users can exploit this vulnerability by installing a malicious certificate and running a VPN service. This flaw can compromise secure communications and allow unauthorized access to sensitive data. Users must remain vigilant and implement security measures to safeguard against such exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/537339/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/537318/100/0/threaded
mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.