Description
In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic error in the code. This could lead to local with null execution privileges needed. User interaction is null for exploitation.
Published: 2026-06-01
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A logic error in the CallIntentProcessor component of Android allows an attacker with local access to initiate an emergency call without requiring user interaction or elevated privileges. The flaw bypasses normal permission checks in the call flow, enabling a device to broadcast an emergency call (e.g., 911) automatically. This misuse can trigger an unnecessary emergency response and may incur financial or resource costs, but does not lead to remote code execution or data exfiltration.

Affected Systems

The vulnerability affects Android operating system versions that include the CallIntentProcessor module, specifically Android 14.0, 15.0, 16.0, and 16.0 qpr2, as indicated by the affected CPE entries. All installations of these releases that have not yet applied the vendor’s fix are potentially vulnerable.

Risk and Exploitability

The CVSS base score is 4, indicating a medium severity, and the EPSS score is below 1%, reflecting a very low probability of exploitation. The flaw is local, requires no special privileges, and does not need user interaction, which can simplify exploitation for an attacker with physical or logical access to the device. The vulnerability is not listed in CISA’s KEV catalog, suggesting no known active exploitation.

Generated by OpenCVE AI on June 3, 2026 at 04:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Android update that includes the vendor fix referenced in the recent security bulletin.
  • Stay current with subsequent security bulletins and apply any additional mitigations promptly.
  • Avoid installing or enabling third‑party applications that request emergency call permissions unless they are from trusted system sources.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:google:android:16.0:qpr2:*:*:*:*:*:* cpe:2.3:o:google:android:16.0:qpr2_beta_1:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:qpr2_beta_2:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:qpr2_beta_3:*:*:*:*:*:*

Wed, 03 Jun 2026 04:30:00 +0000

Type Values Removed Values Added
Title Unauthorized Emergency Call via Logic Error in Android Call Intent Processor

Wed, 03 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Title Local Emergency Call Bypass Without User Interaction
Weaknesses CWE-269
CWE-284

Tue, 02 Jun 2026 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476
CPEs cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:qpr2:*:*:*:*:*:*

Tue, 02 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
Title Local Emergency Call Bypass Without User Interaction
Weaknesses CWE-269
CWE-284

Tue, 02 Jun 2026 01:15:00 +0000

Type Values Removed Values Added
Title Android Logic Error Enabling Unauthenticated Emergency Calls
Weaknesses CWE-269
CWE-284

Tue, 02 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Vendors & Products Google
Google android

Mon, 01 Jun 2026 23:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Jun 2026 23:15:00 +0000

Type Values Removed Values Added
Title Android Logic Error Enabling Unauthenticated Emergency Calls
Weaknesses CWE-269
CWE-284

Mon, 01 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Description In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic error in the code. This could lead to local with null execution privileges needed. User interaction is null for exploitation.
References

MITRE

Status: PUBLISHED

Assigner: google_android

Published:

Updated: 2026-06-01T22:39:11.373Z

Reserved: 2026-03-02T19:10:53.531Z

Link: CVE-2026-28581

Vulnrichment

Updated: 2026-06-01T22:39:03.906Z

NVD

Status: Analyzed

Published: 2026-06-01T22:16:25.110

Modified: 2026-06-03T13:29:14.770

Link: CVE-2026-28581

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T04:15:24Z

Weaknesses