PT-2019-18304 · Samsung · Samsung Knox

James Dean · Published 2019-05-29 · Updated 2024-12-22 · CVE-2019-6744

CVSS v3.1: 4.3 (Medium)

Vector: AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Samsung Knox version 1.2.02.39

Description

This issue allows local attackers to disclose sensitive information on affected installations. An attacker must first obtain physical access to the device to exploit this. The flaw exists within the handling of the lock screen for Secure Folder, resulting from the lack of proper validation that a user has correctly authenticated. This can be leveraged to disclose the contents of the secure container.

Recommendations

For Samsung Knox version 1.2.02.39, consider disabling the lock screen feature for Secure Folder until a patch is available to prevent exploitation. Restrict physical access to devices to minimize the risk of this issue being exploited.

Fix

Improper Access Control

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2019-6744
ZDI-19-515

Affected Products

Samsung Knox