SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
5 Oct 2016

Security flaw in Samsung Knox could give hackers full control of your phone

Samsung hasn't had the best few weeks. Security experts have disclosed three vulnerabilities in the system the company created to "enhance security" of the Android operating system.

Researchers from Israeli firm Viral Security Group exposed the flaws in Samsung's Knox system, which they say "allowed full control" of a Samsung Galaxy S6 and the Galaxy Note 5 used for testing back in June. The vulnerabilities, which require an existing flaw to operate, were reported to Samsung earlier this year.

The company says it fixed them in a recent security update. In a white paper provided and later published online (alongside proof of concept material) the researchers detail how hackers could get around the protections that are intended to protect data stored on a phone. Dubbed KNOXout, the experts exploited privilege escalation vulnerabilities within Knox's Real-time Kernel Protection (RKP). To get around the protection they used the existing kernel vulnerability CVE-2015-1805 – known as a write-what-where vulnerability.

"Once you have the existing vulnerability this one overcomes all of Samsung's protection mechanisms and gives you complete control of the device," Nimrod Ben Em, the group's founder and Lev Aronsky, head of R&D, told. When inside the kernel the security researchers were able to "explore" the protection mechanism of the RKP. They were then able to avoid protections and execute their own code.

"Samsung's Knox system is meant to provide a secure environment for their cellphones – we didn't expect to find anything," the pair said. "You can use our vulnerability to overcome the protections to Samsung Knox." Explaining one of the vulnerabilities in their paper, the researchers said: "Malicious access to the system account can be used, for instance, to replace legitimate applications with rogue versions, with access to all available permissions, without the user’s notice." Using the technique they were also able to disable additional kernel protections and "achieve root privileges".

"Overall I think this is a good paper," Zuk Avraham, founder of Zimperium, who was not involved with the research, told. "It demonstrates once again that write-what-where and arbitrary read vulnerabilities remain a challenge for mitigations." A spokesperson for Samsung said customers are encouraged to keep their software and apps updated and that updates can be downloaded wirelessly. "Samsung was made aware of this particular vulnerability and a fix was deployed as part of our May security update," the spokesperson said. The vulnerabilities aren't the first time the Knox platform has suffered from security problems. Some "relatable" research into the Android Kernel was published earlier this year, Joshua Drake, a senior director of platform research at Zimperium said.

Tags:
Samsung information leaks
Source:
Wired
1964
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015