Back to top

Samsung Email app security patch for CWE-297

Last updated September 11th, 2023

Categories:

Environment

  • Knox Platform for Enterprise
  • EMMs
  • Samsung Email connected to Microsoft Exchange Server configured for Exchange ActiveSync
  • CWE-297

Overview

A vulnerability with certificate subject verification, CWE-297, has been identified in the Samsung Email app when it’s connected to a Microsoft Exchange Server and configured for Exchange ActiveSync. This vulnerability has been addressed in Samsung Email 6.1.82.0 and higher.

The Samsung support team strongly advises you to update the Samsung Email app to version 6.1.82.0 or higher.

If there are issues with signing in to or syncing the Samsung Email app after updating, refer to Unable to sign in to or sync Samsung Email app.

On this page

Is this page helpful?