MEDIUM🇵🇱 Wersja polska

CVE-2016-1919

CVSS 4.7v3.0pub. 2017-01-27upd. 2026-05-13

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.

CVSS Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Samsung Knox

    APP
    Samsung
    ≤ 1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-6744MEDIUM4.3ten sam produkt

This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsu...

CVE-2016-1920MEDIUM5.5ten sam produkt

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-midd...

CVE-2016-3996MEDIUM5.5ten sam produkt

ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users ...

CVE-2025-4632CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Path Traversal w Samsung MagicINFO 9 Server — zapis plików jako SYSTEM

CVE-2026-28573CRITICAL10.0ten sam vendor

In AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. Th...