Intrusion Prevention

Samsung.Galaxy.KNOX.Android.Browser.Remote.Code.Execution

Description

This indicates an attack attempt against an Elevation of Privilege vulnerability in KNOX security component of the Samsung Galaxy firmware.
The vulnerability is due to a design flaw when the vulnerable module handles a crafted update request. A remote attacker may be able to exploit this to install arbitrary application to execute arbitrary code within the context of the application, via a crafted update request to the vulnerable service.

Affected Products

Samsung Galaxy S4 version I9505XXUGNH8 or prior
Samsung Galaxy S4 mini version I9190UBUCNG1 or prior
Samsung Galaxy Note 3 version N9005XXUGNG1 or prior
Samsung Galaxy Ace 4 version G357FZXXU1ANHD or prior

Impact

System Compromise: Remote attackers can execute arbitrary code in the context of the affected application.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.