A serious vulnerability has been discovered in a Samsung device security solution that runs on Android and is used by government agencies, including the Pentagon.
Knox is a software that bolsters security and privacy on Android-based Samsung devices. It works by creating a secure container that prevents anything stored within it from interacting with anything stored outside of it, depending on user configurations.
Knox, however, contains a security flaw that could allow an attacker to intercept communications between the secure container and any file transfers, emails and browser activity outside of it.
Mordechai Guri, an Israeli security researcher from Ben-Gurion University (BGU) of the Negev's Cyber Security Labs, discovered the vulnerability. Guri is part of a research team at the university that focuses on mobile related research topics.
According to a post published on the school's website, the flaw currently only affects users with Samsung's Galaxy S4.
In May, the Department of Defense (DoD) cleared two smartphone and tablet manufacturers to be sold to the Pentagon and run on its internal networks. One of the devices included Knox on the Galaxy S4. Due to security fears, the DoD previously restricted staff from using Android devices on internal networks.
“The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” Guri said in the post.
Researchers have contacted Samsung with details on the vulnerability so it may be addressed quickly.“To solve this weakness, Samsung may need to recall their devices or at least publish an over the air software fix immediately,” Dudu Mimran, chief technology officer of BGU's Cyber Security Labs said in the post. “The weakness found may require Samsung to re-think a few aspects of their secure architecture in future models.”