—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Remote Code Execution Vulnerability in Android OS

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Android 14, 15, 16

Android 16-QPR2

Overview

A vulnerability has been reported in Android OS, which could allow a remote attacker to execute arbitrary code on the targeted system.

Target Audience:

All end-user organizations and individuals using Android OS.

Risk Assessment:

Risk of remote code execution.

Impact Assessment:

High risk of unauthorized access of data and data manipulation.

Description

Android is an open-source operating system primarily designed for mobile devices, including smart phones, tablets, smart watches and other embedded system.

A vulnerability has been reported in Android OS due to improper handling of authentication in the Android Debug Bridge daemon (adbd) component. An attacker on the same network could exploit this vulnerability by running code as the shell user without needing extra permissions, or any user interaction.

Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.

Solution

Apply appropriate updates as mentioned by the vendor:

https://source.android.com/docs/security/bulletin/2026/2026-05-01

Vendor Information

Android

https://source.android.com/docs/security

References

 

https://source.android.com/docs/security/bulletin/2026/2026-05-01

CVE Name

CVE-2026-0073

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmn7U0UACgkQ3jCgcSdc

ys+eog//cUUl0ZnwSYr8xfRU0F8W8dc3NNNGLuxWgA10IOpr7K5c7Qw57FHOgfZe

az7Dh1VQFYiuI+icj+tNqhb88kdhdJEkXIWA3lNODaJCjxjxrfaWuzf2M2FpqNtZ

5OdIfqU7JkqmFfSfz31LbOyqaMPLLoKfpTuuYOl9PByPDH6PoiLbVooH9Cu7fk/u

7yh5WYbluW4t1mB5VklEiKF3TovumwOfTn9zxoqAnmQFN9ImNnF5rKhwyB45QWsM

dX4GcQLssurh1MtradJ067orBxb0uZFvNp3Z3Hu5hsOPoBEGoRsG/1jTzL5EtW4w

muh5ipv0OIMLYLJBDRXkihyIUE+Vr32nId69vNlsJtcUlmrV050QXyENVDZXuunV

RQlbTwcV/DoYkQR9bGUhIPsqBcrJMEKvhXa75jU/acz1qsTFljZQ0EjJMxAwEy8q

1kKWdXaCZV4WUQuXjqe+pQed81yGqEm4B8DqYhlW28Zm+szvaMuLAdxz5bhFQ05F

KGj//6q5K1EV0yYFj/xU4NCijF7zuBspXC92RuhwQiJhA3JeQIndVSxMBQ7OPSX+

POW0jTOSLaghfkoGk5jVUmq4/aEJ5PqIxsKPJU8c+WsguS/Wogjc5nYrwxAJCoAR

eS0gf22mCTLsN0o3OZ/Jkv+hZuwOatYXhznghpXJQjM4RE8GYGQ=

=y10/

—–END PGP SIGNATURE—–