{
	"id": "d77e3094-251f-4b3b-a0f0-727bdb48fa9a",
	"created_at": "2026-04-06T00:07:05.367256Z",
	"updated_at": "2026-04-10T13:12:08.978477Z",
	"deleted_at": null,
	"sha1_hash": "b67551d539498ef935cb17d32d45632a9fef53b1",
	"title": "APP-32 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 41993,
	"plain_text": "APP-32 · Mobile Threat Catalogue\r\nArchived: 2026-04-05 19:21:18 UTC\r\nMobile Threat Catalogue\r\nExploiting Access to Enterprise Resources\r\nContribute\r\nThreat Category: Malicious or privacy-invasive application\r\nID: APP-32\r\nThreat Description: Any device-wide communication channels, such as an encrypted enterprise Wi-Fi\r\nconnection, may be accessible to all apps running on the device. This may allow an attacker to bypass some\r\nnetwork defense mechanisms, such as network access control or firewalls, thereby facilitating attacks against\r\nenterprise resources from within the enterprise network.\r\nThreat Origin\r\nNot Applicable, See Exploit or CVE Examples\r\nExploit Examples\r\nJuniper Networks Third Annual Mobile Threats Report 1\r\nCVE Examples\r\nCVE-2016-10292\r\nPossible Countermeasures\r\nEnterprise\r\nDeploy MAM or MDM solutions with policies that prohibit the side-loading of apps, which may bypass security\r\nchecks on the app.\r\nDeploy MAM or MDM solutions with policies that prohibit the installation of apps from 3rd party (unofficial) app\r\nstores.\r\nUse app-vetting tools or services to identify apps that perform host discovery or attempt to access hosts with\r\ninternal (e.g. inside a private LAN) domains or IP addresses.\r\nUse features such as Apple iOS Managed Apps, Android for Work, or Samsung KNOX Workspace that provide\r\nsome level of separation between personal apps and enterprise apps to mitigate the impact of malicious behaviors,\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-32.html\r\nPage 1 of 2\n\nincluding use of per-app/per-user VPN features, so that only enterprise-approved apps can traverse the VPN and\r\naccess enterprise resources.\r\nMobile Device User\r\nUse Android Verify Apps feature to identify potentially harmful.\r\nReferences\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-32.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-32.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-32.html"
	],
	"report_names": [
		"APP-32.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434025,
	"ts_updated_at": 1775826728,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b67551d539498ef935cb17d32d45632a9fef53b1.pdf",
		"text": "https://archive.orkl.eu/b67551d539498ef935cb17d32d45632a9fef53b1.txt",
		"img": "https://archive.orkl.eu/b67551d539498ef935cb17d32d45632a9fef53b1.jpg"
	}
}