Skip to main content

Android Telecomm CVE-2026-28615

| EUVDEUVD-2026-37572 CRITICAL
Missing Authorization (CWE-862)
2026-06-17 google_android
10.0
CVSS 4.0 · Vendor: google_android
Share

Severity by source

Vendor (google_android) PRIMARY
10.0 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.4 MEDIUM

Local because a malicious app must be installed (AV:L); low app privileges suffice (PR:L); no user interaction; impact limited to unauthorized call initiation, not full device compromise.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (google_android).

CVSS VectorVendor: google_android

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jun 17, 2026 - 08:20 vuln.today
CVE Published
Jun 17, 2026 - 07:17 cve.org
CRITICAL 10.0

DescriptionCVE.org

In Telecomm, there is a possible way to initiate an unauthorized phone call due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

AnalysisAI

Local privilege escalation in Google Android's Telecomm component allows applications to initiate unauthorized phone calls by bypassing permission checks, with no user interaction required. The flaw is reported through the Android Security Bulletin for Android 17 and carries a CVSS 4.0 score of 10.0, though no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Trick user into installing malicious app
Delivery
App invokes Telecomm placeCall API
Exploit
Permission check bypassed in Telecomm
Execution
Unauthorized outbound call placed
Impact
Toll fraud or covert audio channel established

Vulnerability AssessmentAI

Exploitation Requires a malicious application already installed and running on the target Android device - the description characterizes this as 'local escalation of privilege,' so a network-only attacker cannot trigger it without first landing code on the device. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals are conflicting and warrant skepticism of the headline 10.0 score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A malicious app published to a third-party store, or sideloaded via social engineering, declares no telephony permissions (avoiding install-time scrutiny) and at runtime calls into the Telecomm API surface to place outbound calls to premium-rate or attacker-controlled numbers without prompting the user. With UI:N this can occur silently in the background, enabling toll fraud, exfiltration via DTMF, or use as a stepping stone to escalate within the telephony stack.
Remediation Apply patch available per vendor advisory by installing the Android security patch level corresponding to the Android 17 bulletin at https://source.android.com/docs/security/bulletin/android-17 - on Pixel devices this arrives via OTA, and on OEM devices it will follow each vendor's rollout schedule. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Conduct comprehensive audit of Android 17 device inventory using MDM tools and assess organizational exposure. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-28615 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy