Description
In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-03-10
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

A logic error in the oobconfig component can bypass carrier restrictions, allowing a local attacker to elevate privileges without requiring additional execution privileges or user interaction. The flaw results in unauthorized access to system resources, posing a significant subversion risk to device integrity. This weakness aligns with unchecked or missing authorization controls (CWE‑693).

Affected Systems

The vulnerability affects Google Android. No specific Android versions are listed, so all devices running affected releases are potentially impacted until inventory and patching are confirmed.

Risk and Exploitability

The flaw carries a CVSS score of 8.4, indicating high severity, yet its EPSS score of less than 1% suggests a low likelihood of exploitation at present. It is not listed in the CISA KEV catalog. Exploitation can occur locally and does not require user interaction, implying that any privileged user or service with file access could trigger the escalation path. The primary attack vector is a local privilege escalation through logic bypass of carrier restriction checks.

Generated by OpenCVE AI on April 16, 2026 at 03:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Android security patch as detailed in the 2026‑03‑01 security bulletin for all affected devices.
  • Apply device or enterprise policies that disable or restrict modification of carrier configuration settings to prevent unauthorized changes.
  • Continuously monitor device logs and configuration states to detect any unintended alterations to carrier restrictions.

Generated by OpenCVE AI on April 16, 2026 at 03:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 03:45:00 +0000

Type Values Removed Values Added
Title OOBConfig Carrier Restriction Bypass Leading to Local Privilege Escalation

Wed, 11 Mar 2026 17:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Wed, 11 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-693
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Vendors & Products Google
Google android

Tue, 10 Mar 2026 22:30:00 +0000

Type Values Removed Values Added
References

Tue, 10 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 10 Mar 2026 21:00:00 +0000

Type Values Removed Values Added
Description In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References

Subscriptions

Google Android
cve-icon MITRE

Status: PUBLISHED

Assigner: Google_Devices

Published:

Updated: 2026-03-12T03:55:18.595Z

Reserved: 2025-10-23T08:43:15.313Z

Link: CVE-2026-0118

cve-icon Vulnrichment

Updated: 2026-03-11T13:56:17.629Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-10T21:16:45.267

Modified: 2026-03-11T16:48:45.033

Link: CVE-2026-0118

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T03:30:06Z

Weaknesses