Description
In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-03-02
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Local Denial of Service
Action: Update Devices
AI Analysis

Impact

In multiple functions of MmsProvider.java a path traversal flaw allows an attacker to delete arbitrary files that impact telephony, SMS, and MMS services, leading to a local denial of service without requiring elevated privileges. This is a classic resource depletion vulnerability, classified as CWE-400.

Affected Systems

The vulnerability affects Google Android versions 14.0, 15.0 and 16.0 as indicated by the CPE entries.

Risk and Exploitability

The CVSS score of 9.1 indicates high severity. The EPSS score of less than 1% suggests that active exploitation is unlikely at present, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local code execution or direct device access and does not require user interaction, making it a local attack vector.

Generated by OpenCVE AI on April 22, 2026 at 19:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device to the patched Android release as described in the Android Security Bulletin March 2026.
  • Disable or restrict MMS services on affected devices if an immediate patch is not available.
  • If the device cannot be updated or MMS must remain enabled, isolate it from external networks and block MMS traffic to minimize the risk of exploitation.

Generated by OpenCVE AI on April 22, 2026 at 19:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Arbitrary File Deletion via MmsProvider Path Traversal Leading to Local Denial of Service in Android

Fri, 06 Mar 2026 04:30:00 +0000

Type Values Removed Values Added
References

Fri, 06 Mar 2026 04:15:00 +0000

Type Values Removed Values Added
References

Tue, 03 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
CPEs cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
Vendors & Products Google
Google android

Tue, 03 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
References

Subscriptions

Google Android
cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published:

Updated: 2026-04-08T15:06:00.453Z

Reserved: 2025-05-22T18:12:16.422Z

Link: CVE-2025-48609

cve-icon Vulnrichment

Updated: 2026-03-03T15:22:30.763Z

cve-icon NVD

Status : Modified

Published: 2026-03-02T19:16:27.060

Modified: 2026-03-06T04:15:58.680

Link: CVE-2025-48609

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T20:00:08Z

Weaknesses