Mobile Threat Catalogue

Improper Digital Certificate Validation

Contribute

Threat Category: Enterprise Mobility

ID: EMM-0

Threat Description: The EMM application on the device may improperly validate X.509 certificates, which can allow attackers to perform man in the middle attacks using a crafted certificate.

Threat Origin

The Security of MDM Systems1

Exploit Examples

Not Applicable

CVE Examples

Possible Countermeasures

Enterprise

As part of the decision process when choosing to deploy an EMM solution that uses an on-device agent app, verify with the suite vendor that the agent app properly validates the digital certificate of the EMM server for any communication session.

Consider choosing on-device agent apps that have certified against the most recent NIAP protection profile for MDM agents, as this provides a measure of assurance that the agent properly validates digital certificates.

To mitigate the risk of a MiTM attack on remote agent-server communications (for on-premises deployments) due to improper certificate validation by the agent, use mobile OS-provided VPN features to first establish a secure connection to the enterprise network.

References

  1. S. Andrivet, The Security of MDM systems, presented at Hack In Paris, 20 June 2013; https://hackinparis.com/data/slides/2013/MDM-HIP_2013.pdf [accessed 8/23/2016]