CVE-2016-1920

Name of the Vulnerable Software and Affected Versions Samsung KNOX version 1.0.0

Description The issue allows local users to conduct man-in-the-middle attacks. This is demonstrated by installing a certificate and running a VPN service, which enables attackers to intercept and manipulate communication.

Recommendations For Samsung KNOX version 1.0.0, consider restricting the use of shared certificates on Android to minimize the risk of exploitation. As a temporary workaround, avoid using VPN services that could be used to conduct man-in-the-middle attacks until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.