Security Issue in Samsung Knox Allows Hackers to Gain Control of the Devices

Security researchers from the Israeli Viral Security Group identified three serious vulnerabilities in the Samsung Knox function which allows hackers to gain full control of the compromised devices.

Samsung Knox is Dangerous

Samsung Knox has been identified as being extremely dangerous, even though the company has devised it as a security enhancing feature. Experts from the Israeli company Viral Security Group discovered three distinct issues in the feature that allows remote control of two devices – Samsung Galaxy S6 and Galaxy Note 5 which were used for tests.

The research team detailed their findings in a paper along with proof of concept information. The attack used several privilege escalation vulnerabilities that bypass the Knox’s Real-Time Kernel Protection. To get around this security feature the researchers use another security issue – CVE-2015-1895, also known as a “write-what-where vulnerability”. When the kernel is breached, the researchers are given the ability to explore the protection mechanisms.

This set of exploits overcomes all Samsung protection mechanisms and gives the attackers full remote control access to the target devices. The researchers have been able to execute their own arbitrary code at a low system level, giving them the potential to unleash devastating attacks. The consequences allow for several scenarios which the criminals can utilise:

  • The replacement of legitimate applications with rogue versions
  • Accessing data from the applications
  • Eavesdropping on the users
  • Rooting of the device

Samsung has said that customers should keep their software and mobile applications updated. The issues were fixed in the recent security updates issued by the company.

Was this content helpful?

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *