Full title: Samsung Galaxy KNOX Android Browser Remote Code Execution Exploit 
Category: remote exploits
Platform: Android
This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has been confirmed in the Samsung Galaxy S4, S5, Note 3, and Ace 4.

# 0day.today @ http://0day.today/