Bypassancy of Knox Guard in a Multi-User Environment Due to Improper Check for Exception Conditions

CVE-2024-34664

4.1MEDIUM

Key Information

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 8 October 2024

Summary

Improper check for exception conditions in Knox Guard prior to SMR Oct-2024 Release 1 allows physical attackers to bypass Knox Guard in a multi-user environment.

Affected Version(s)

Samsung Mobile Devices <= SMR Oct-2024 Release in Android 12, 13, 14

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 8, 2024
Vulnerability Reserved.
May 7, 2024

Collectors

NVD DatabaseMitre Database