30 Dec 2013
Researchers of the Israel Ben-Gurion University’s (BGU) Cyber Security Labs found a critical vulnerability in Samsung Knox mobile devices, according to a BGU press release.
The vulnerability allows an attacker to intercept file transfers, browser activity and emails. The data communication interception is made between the secure container and the external world.
“To solve this weakness, Samsung may need to recall their devices or at least publish an over the air software fix immediately,” said Dudu Mimran, Chief Technology Officer of BGU labs. “The weakness found may require Samsung to re-think a few aspects of their secure architecture in future models.”
The bug was reported immediately to Samsung as it is alleged to impact Samsung Galaxy S4 devices.
Samsung Knox is nowadays used by government agencies and organizations. The security solution is currently under review for approval by the US Department of Defense.