CVE-2016-3996

Name of the Vulnerable Software and Affected Versions Samsung KNOX versions 1.0.0 through 2.3.0

Description The issue is related to the ClipboardDataMgr in Samsung KNOX, which does not properly check the caller. This allows local users to read KNOX clipboard data via a crafted application.

Recommendations For Samsung KNOX versions 1.0.0 through 2.3.0, consider restricting access to the ClipboardDataMgr until a patch is available. As a temporary workaround, avoid using sensitive information in the KNOX clipboard. At the moment, there is no information about a newer version that contains a fix for this vulnerability.