Janus

CVE-2017-13156

A vulnerability in the Android system that allows cybercriminals to modify APK applications without changing their digital signature. The Android architecture requires all developers to sign their applications. When an update is installed, the system checks its digital signature and installs the update only if the signature matches that of the current version.

The Janus vulnerability allows additional content to be added to an APK application without modifying its digital signature. Cybercriminals can therefore embed a malicious module in an update of a trusted program. This module will be installed and launched without hindrance on a vulnerable device.

If Dr.Web for Android has detected this vulnerability, it is strongly recommended that you contact the device manufacturer to get the necessary updates for the operating system.

Technical details

The Janus vulnerability allows a modified executable DEX file to be integrated into the APK file, which is an archive, without affecting the digital signature. In other words, cybercriminals can use Janus to replace the executable file of an application with a malicious copy that has all the system permissions of the original file.

Only applications signed with the JAR-based digital signature are subject to the vulnerability; this scheme was replaced by the new Signature Scheme v2 technology in Android 7.0 Nougat. In new Android versions, the only vulnerable applications are those that do not use the latest digital signature technology, as well as programs downloaded and installed from sources other than Google Play.

The following Android versions are vulnerable: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0.
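A defender-side triage check for the two properties described above, as an added example that is not Dr.Web's code: it flags an APK image that begins with DEX magic while still ending in a valid ZIP directory, and reports whether an APK Signing Block (the container used by Signature Scheme v2) sits before the central directory. The function names, verdict strings and sample images are assumptions made for this illustration; the magic values are those of the DEX, ZIP and APK Signing Block formats.

```python
import io
import struct
import zipfile

DEX_MAGIC = b"dex\n"            # a DEX file begins with "dex\n", version, NUL
EOCD_SIG = b"PK\x05\x06"        # ZIP End of Central Directory record
V2_MAGIC = b"APK Sig Block 42"  # last 16 bytes of an APK Signing Block


def inspect_apk(data: bytes) -> dict:
    """Classify an APK image by the two properties the text describes."""
    # The EOCD sits within the last 22 + 65535 bytes (fixed part + max comment).
    eocd = data.rfind(EOCD_SIG, max(0, len(data) - 65557))
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no ZIP End of Central Directory record")
    (cd_size,) = struct.unpack_from("<I", data, eocd + 12)
    cd_start = eocd - cd_size   # real start, correct even with prepended bytes
    if cd_start < 0:
        raise ValueError("central directory size exceeds file size")
    has_v2 = cd_start >= 16 and data[cd_start - 16:cd_start] == V2_MAGIC
    dex_first = data.startswith(DEX_MAGIC)
    if dex_first:
        verdict = "dex-prefixed"   # parses as both DEX and ZIP: Janus-style layout
    elif not has_v2:
        verdict = "no-v2-block"    # relies on the JAR-based signature alone
    else:
        verdict = "v2-block-present"
    return {"dex_first": dex_first, "has_v2_block": has_v2, "verdict": verdict}


def constructed_samples() -> dict:
    """Build three tiny in-memory test images (constructed, not real APKs)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        z.writestr("classes.dex", b"placeholder")
    plain = buf.getvalue()
    eocd = plain.rfind(EOCD_SIG)
    (cd_size,) = struct.unpack_from("<I", plain, eocd + 12)
    cd = eocd - cd_size
    with_block = plain[:cd] + b"\x00" * 8 + V2_MAGIC + plain[cd:]
    prefixed = DEX_MAGIC + b"035\x00" + b"\x00" * 32 + plain
    return {"plain": plain, "with_block": with_block, "prefixed": prefixed}


if __name__ == "__main__":
    for name, image in constructed_samples().items():
        print(name, inspect_apk(image))
```

The check only detects the presence of a signing block and does not validate any signature; a "no-v2-block" verdict means the package depends on the JAR-based signature that the text identifies as affected.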


The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992


© Doctor Web
2003 — 2019
