Researchers identified a high-severity, eight-year-old vulnerability in the KNOX kernel of Samsung devices, affecting models from Galaxy S9 to S25 (CVE-2026-20971, CVSS 7.8). The flaw arises from a race condition that could be exploited via an untrusted app, potentially leading to kernel memory corruption. Samsung addressed this issue in its January 2026 update.
Although the flaw was initially considered locally exploitable, there is a risk that attackers could use it to gain control over devices, so users need to stay vigilant and install security updates.