Back to top

Samsung Email app security patch for CWE-297

Last updated September 11th, 2023



  • Knox Platform for Enterprise
  • EMMs
  • Samsung Email connected to Microsoft Exchange Server configured for Exchange ActiveSync
  • CWE-297


A vulnerability with certificate subject verification, CWE-297, has been identified in the Samsung Email app when it’s connected to a Microsoft Exchange Server and configured for Exchange ActiveSync. This vulnerability has been addressed in Samsung Email and higher.

The Samsung support team strongly advises you to update the Samsung Email app to version or higher.

If there are issues with signing in to or syncing the Samsung Email app after updating, refer to Unable to sign in to or sync Samsung Email app.

On this page

Is this page helpful?