Knox flaws give full control of Samsung Galaxy, Note devices

Researchers detail KNOXout attack.

Three major flaws in Samsung's KNOX mobile security platform for Android allow attackers to gain "full control" of Galaxy and Note 5 smartphones, Israeli researchers have discovered.

Viral Security has posted a whitepaper and proof of concept for what the firm dubbed the KNOXout attack.

To succeed, the attack requires use of an existing write-what-where kernel vulnerability; in this case the researchers used CVE-2015-1805, a flaw in the processing of vectored pipes by the Linux kernel.

Attackers can then exploit three privilege escalation vulnerabilities within the Knox platform's real-time kernel protection to avoid its security mechanisms, execute their own code, and gain complete control of the phone.

The real-time kernel protection feature is responsible for defending against kernel exploits.

The researchers found it can be subverted to gain root privileges, and then disable additional kernel protections and load a custom, unsigned kernel module so the /system partition is remounted as writable.

"Malicious access to the system account can be used, for instance, to replace legitimate applications with rogue versions, with access to all available permissions, without the user’s notice," the researchers wrote.

Samsung told Wired the vulnerabilities had been patched in its May security update.

It's the second time in a year researchers have uncovered weaknesses in the security platform. In May, Israeli researchers Uri Kanonov and Avishai Wool posted details of three Knox and Android vulnerabilities, which, among other things, revealed security risks in sharing Knox services with user applications.

Copyright © iTnews.com.au. All rights reserved.