OpenSSLX509Certificate is a vulnerability in Android OS that can be exploited by cybercriminals to run a malicious application with administrator privileges (UID 1000). All versions of Android operating systems starting with 4.3 and higher (including Android M) are subject to this vulnerability.

If Dr.Web for Android has detected this vulnerability, it is strongly recommended to contact the device manufacturer to get necessary updates for the operating system.

Technical details

The vulnerability exists in the OpenSSLX509Certificate component of the operating system. By exploiting this vulnerability, cybercriminals can compromise the system_server process and execute a custom code with system privileges. Moreover, an application that runs using this flaw can substitute any installed program (except for system programs) with another one.