Wednesday, June 23, 2021

Breaking: Severe security flaws found in Samsung Secure Folder, Knox, and DeX allow attackers to access users’ personal data

Like any other smartphone, Samsung devices come pre-installed with some native applications such as Galaxy Store, Samsung DeX, Notes, Knox security, Secure Folder, and so on. Because these are stock apps, users are not allowed to remove them from the smartphone.

Recently, a mobile security startup has found seven security flaws in Samsung’s pre-installed apps that could allow attackers to access the users’ personal data. According to Oversecured (via TechCrunch), the CVEs were found in several apps and components bundled with Samsung’s Galaxy devices.

Adding to this, the official pointed out that the vulnerabilities could have allowed a malicious app on the Galaxy S10+ to steal the user’s personal data such as photos, videos, contacts, messages, and call records, and to change settings “without any user consent or notice” by capturing the permissions from Samsung’s stock apps.

A flaw in Samsung Secure Folder could have allowed the theft of data, as the app has a “large set” of rights across the device. Another bug found in Samsung’s Knox security software could have been abused to install other malicious apps. At the same time, a Samsung DeX bug could have been used to scrape data from user notifications from apps, email inboxes, and messages.

Sergey Toshin, founder of Oversecured, said, “the vulnerabilities were verified on a Samsung Galaxy S10+ but that all Samsung devices could be potentially affected because the baked-in apps are responsible for system functionality.”

Oversecured published technical details of the vulnerabilities in a blog post and reported the bugs to Samsung. According to Oversecured:

Samsung confirmed the flaws affected “selected” Galaxy devices but would not provide a list of specific devices. The company said, “There have been no known reported issues globally and users should be assured that their sensitive information was not at risk,” but provided no evidence for this claim. “We addressed the potential vulnerability by developing and issuing security patches via software update in April and May, 2021 as soon as we identified this issue.”


James Lee Taylor