IBM researchers have identified that more than 55% of Android users appeared to have impacted with Android serialization vulnerability – CVE-2015-3825. This basically means Android versions 4.3 and newer are vulnerable to this vulnerability.
An advanced attackers could exploit this vulnerability to give a malicious app with no or least privileges the ability to become a super app/user and help the attacker to own the device,” said Or Peles, security researcher at IBM’s X-Force application security research team.”
Security experts have demonstrated that the vulnerability can be used to replace legitimate apps installed on the targeted Android device with malicious apps, steal data from installed applications, change the SELinux policy and, in some cases, load malicious kernel modules.The flaw in OpenSSLX509Certificate class in Android can be exploited by an app to compromise the system_server process – and gain powerful system-level access on the device.”
A document about this vulnerability is available here
IBM Demo for this vulnerability
