Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

OpenSSLX509Certificate

CVE-2015-3825

OpenSSLX509Certificate is a vulnerability in Android OS that can be exploited by cybercriminals to run a malicious application with administrator privileges (UID 1000). All versions of Android operating systems starting with 4.3 and higher (including Android M) are subject to this vulnerability.

If Dr.Web for Android has detected this vulnerability, it is strongly recommended to contact the device manufacturer to get necessary updates for the operating system.

Technical details

The vulnerability exists in the OpenSSLX509Certificate component of the operating system. By exploiting this vulnerability, cybercriminals can compromise the system_server process and execute a custom code with system privileges. Moreover, an application that runs using this flaw can substitute any installed program (except for system programs) with another one.

See also information about other vulnerabilities

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040