Vulnerabilities > Samsung > Knox > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2016-3996 | Information Exposure vulnerability in Samsung Knox 1.0/2.3.0 ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | 5.5 |
| 2017-01-27 | CVE-2016-1920 | Improper Access Control vulnerability in Samsung Knox 1.0 Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | 5.5 |
| 2017-01-27 | CVE-2016-1919 | Information Exposure vulnerability in Samsung Knox 1.0 Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack. | 4.7 |