PT-2018-5308 · Samsung · Knox Sds Iam/Emm

Samuel Siino · Published 2018-02-20 · Updated 2018-03-18 · CVE-2017-10963

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Knox SDS IAM and EMM version 16.11

Description

A man-in-the-middle attacker can install any application into the Knox container without the user's knowledge by inspecting network traffic from a Samsung server and injecting content at a certain point in the update sequence. This installed application can further leak information stored inside the Knox container to the outside world.

Recommendations

For Knox SDS IAM and EMM version 16.11, consider restricting access to the update sequence to minimize the risk of exploitation. As a temporary workaround, restrict network traffic from Samsung servers to prevent content injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2017-10963

Affected Products

Knox Sds Iam/Emm