Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

OpenSSLX509Certificate

CVE-2015-3825

OpenSSLX509Certificate is a vulnerability in Android OS that can be exploited by cybercriminals to run a malicious application with administrator privileges (UID 1000). All versions of Android operating systems starting with 4.3 and higher (including Android M) are subject to this vulnerability.

If Dr.Web for Android has detected this vulnerability, it is strongly recommended to contact the device manufacturer to get necessary updates for the operating system.

Technical details

The vulnerability exists in the OpenSSLX509Certificate component of the operating system. By exploiting this vulnerability, cybercriminals can compromise the system_server process and execute a custom code with system privileges. Moreover, an application that runs using this flaw can substitute any installed program (except for system programs) with another one.

See also information about other vulnerabilities

© Doctor Web
2003 — 2022

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies