CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-1920

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.1%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

http://www.securityfocus.com/archive/1/537318/100/0/threaded
http://www.securityfocus.com/archive/1/537339/100/0/threaded
http://www.securityfocus.com/archive/1/537318/100/0/threaded
http://www.securityfocus.com/archive/1/537339/100/0/threaded

Products affected by CVE-2016-1920

Samsung » Knox » Version: 1.0

cpe:2.3:a:samsung:knox:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1920

Products

Pricing

Contact Us