Skip to main content

Android SettingsLib CVE-2026-0071

| EUVDEUVD-2026-37567 CRITICAL
Missing Authorization (CWE-862)
2026-06-17 google_android
10.0
CVSS 4.0 · Vendor: google_android
Share

Severity by source

Vendor (google_android) PRIMARY
10.0 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.8 HIGH

Description states local EoP with no UI; a low-privilege app is the realistic caller, so AV:L/PR:L/UI:N, yielding full system C/I/A impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (google_android).

CVSS VectorVendor: google_android

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jun 17, 2026 - 08:28 vuln.today
CVE Published
Jun 17, 2026 - 07:09 cve.org
CRITICAL 10.0

DescriptionCVE.org

In SettingsLib, there is a possible missing permission check due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

AnalysisAI

Local privilege escalation in Android's SettingsLib component stems from a missing permission check caused by a logic error, allowing on-device attackers to elevate privileges without user interaction or additional execution rights. No public exploit identified at time of analysis, and the issue is addressed in the Android Security Bulletin for Android 17. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Install malicious app on device
Delivery
Invoke unguarded SettingsLib API
Exploit
Bypass missing permission check
Execution
Gain system-level privileges
Impact
Abuse settings/account/network state

Vulnerability AssessmentAI

Exploitation Attacker must have local code execution on the Android device - typically via an installed app - that can reach the SettingsLib code path containing the missing permission check; no user interaction and no additional execution privileges are required once the app runs. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are sharply conflicting. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A malicious app installed on the device (e.g., sideloaded or delivered via a trojanized Play listing) silently invokes the unguarded SettingsLib code path and obtains system-level privileges without prompting the user, then pivots to read protected settings, modify network/account state, or stage further on-device compromise. No public PoC is identified at time of analysis, but the absence of required user interaction makes such an app highly stealthy once installed.
Remediation Patch available per vendor advisory - apply the Android Security Bulletin update referenced at https://source.android.com/docs/security/bulletin/android-17 by moving devices to the security patch level that includes the SettingsLib fix; exact fix version is not enumerated in the input data and should be read from the bulletin entry for CVE-2026-0071. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory organizational Android devices and audit current OS versions. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-0071 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy