Description
In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-06-17
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A missing permission check in the Android Package Manager allows an attacker to bypass the device lock controller, resulting in local privilege escalation. The flaw requires no additional execution privileges and no user interaction, so an attacker who already has local access to the device can gain elevated rights. This is a classic privilege-escalation weakness (CWE-269) that could allow modification of device state, installation of malicious packages, or access to protected data.

Affected Systems

Google Android devices are affected, as documented in the Android 17 security bulletin. The advisory does not enumerate specific affected Android versions, but the issue is addressed in the Android 17 security patch. All installations that run the vulnerable Package Manager without the proper permission enforcement are susceptible.

Risk and Exploitability

The CVSS score of 10 places the issue in the Critical severity band, while the EPSS score of less than 1% suggests a low likelihood of exploitation at present. It is not listed in the CISA KEV catalog. The vulnerability permits local privilege escalation without user interaction; based on the description, it is inferred that the attack can be launched by any local user without additional exploits, making it broadly exploitable while the device remains unpatched. The published CVSS 4.0 vector uses AV:N (network attack vector), whereas the description characterizes the issue as local escalation of privilege.

Generated by OpenCVE AI on June 17, 2026 at 18:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Android security patch (Android 17 or later) that addresses the missing permission check in Package Manager.
  • Restart the device to ensure the patch is fully applied and the lock controller functionality is restored.
  • Monitor system logs for signs of privilege escalation attempts and verify that the device lock controller now requires proper permissions before granting elevated actions.

Advisories

No advisories yet.

History

Wed, 17 Jun 2026 08:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Google; Google android |
| Vendors & Products | | Google; Google android |

Wed, 17 Jun 2026 07:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| References | | |
| Metrics | | cvssV4_0: {'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'} |


MITRE

Status: PUBLISHED

Assigner: google_android

Published:

Updated: 2026-06-17T14:20:30.027Z

Reserved: 2025-10-15T15:42:51.569Z

Link: CVE-2026-0092

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-17T08:30:04Z

Weaknesses

No weakness.