Impact
An out-of-bounds write flaw in the usim_SendMCCMNCIndMsg function of the Android USIM registration module can corrupt adjacent memory, enabling physical escalation of privilege with no additional execution privileges needed. This memory corruption, identified as CWE-787, may overwrite control data or critical structures, allowing the attacker to gain root-level or device-level privileges and compromise confidentiality, integrity, and availability. No user interaction is required to trigger the bug, making it a local privilege escalation opportunity.
Affected Systems
The vulnerability affects Google Android devices. Specific Android releases are not listed, so any build containing the default USIM registration component defined by the provided CPE is potentially vulnerable. No version constraints are supplied, meaning every Android firmware build that includes this component may be impacted.
Risk and Exploitability
The CVSS score of 6.8 reflects moderate severity, while the EPSS score of <1 % indicates a very low probability of exploitation at the current time. The defect is not in the CISA KEV catalog, suggesting no widespread exploitation has been observed. Because no user interaction is necessary, a local attacker who can deliver a crafted USIM message could exploit the flaw. Overall, the risk is moderate, but the low exploitation probability and lack of known public exploits lower the immediacy of the threat.
OpenCVE Enrichment