module
Samsung Galaxy KNOX Android Browser RCE
Disclosed | Created |
---|---|
2014-11-12 | 2018-05-30 |
Disclosed
2014-11-12
Created
2018-05-30
Description
A vulnerability exists in the KNOX security component of the Samsung Galaxy
firmware that allows a remote webpage to install an APK with arbitrary
permissions by abusing the 'smdm://' protocol handler registered by the KNOX
component.
The vulnerability has been confirmed in the Samsung Galaxy S4, S5, Note 3,
and Ace 4.
firmware that allows a remote webpage to install an APK with arbitrary
permissions by abusing the 'smdm://' protocol handler registered by the KNOX
component.
The vulnerability has been confirmed in the Samsung Galaxy S4, S5, Note 3,
and Ace 4.
Authors
Andre Moulu
jduck jduck@metasploit.com
joev joev@metasploit.com
jduck jduck@metasploit.com
joev joev@metasploit.com
Platform
Android
Architectures
dalvik
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.