Description
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Published: 2026-03-02
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Escalation of Privilege
Action: Immediate Patch
AI Analysis

Impact

PermissionManagerServiceImpl.java contains a logic error in its removePermission routine that permits an application to override any system permission. The flaw can be exploited to grant elevated privileges without additional execution rights, and requires user interaction, making it a local attack that depends on the victim’s device being accessed or an app being granted permissions.

Affected Systems

Google Android 14.0 is the affected product. Devices running this version are potentially vulnerable; earlier Android releases are not listed as affected.

Risk and Exploitability

The vulnerability scores a CVSS of 7.8, indicating high severity, but the EPSS score is below 1%, suggesting a low probability of exploitation in the wild. It is not listed in the KEV catalog and requires direct user interaction, meaning the flaw is a local privilege escalation vector that can compromise device security if an attacker gains physical or user‑based access.

Generated by OpenCVE AI on April 16, 2026 at 14:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device to a version of Android that includes the fix for this permission override bug.
  • Restrict or revoke the use of the removePermission API on Android 14.0 devices for non‑trusted applications.
  • Monitor device logs for unexpected permission changes and consider disabling permission removal features for third‑party apps.

Generated by OpenCVE AI on April 16, 2026 at 14:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 14:45:00 +0000

Type Values Removed Values Added
Title Logical Error Allows Local Escalation by Overriding System Permissions

Fri, 06 Mar 2026 04:30:00 +0000

Type Values Removed Values Added
References

Fri, 06 Mar 2026 04:15:00 +0000

Type Values Removed Values Added
References

Tue, 03 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
Vendors & Products Google
Google android

Mon, 02 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-862
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
References

Subscriptions

Google Android
cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published:

Updated: 2026-03-06T03:52:00.451Z

Reserved: 2025-10-15T15:39:05.639Z

Link: CVE-2026-0026

cve-icon Vulnrichment

Updated: 2026-03-02T22:09:18.344Z

cve-icon NVD

Status : Modified

Published: 2026-03-02T19:16:30.783

Modified: 2026-03-06T04:16:05.257

Link: CVE-2026-0026

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T14:30:16Z

Weaknesses