Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Critical Remote Code Execution Vulnerability Patched in Android

CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction. 

Android vulnerability

Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for remote code execution.

The flaw, tracked as CVE-2026-0073, affects Android’s System component, allowing an attacker to exploit it to execute code as the shell user without additional execution privileges. User interaction is not required for exploitation. 

The advisory reveals that the issue impacts ‘adbd’ (Android Debug Bridge daemon), a background process running on Android devices that manages communication between the device and a computer, facilitating debugging and shell access.

Google has informed users that no patches have been released this month for Wear OS, Pixel Watch, Android XR, and Android Automotive. 

There is no indication that CVE-2026-0073 has been exploited in malicious attacks.

Only one Android vulnerability patched this year has been flagged as exploited in the wild

Advertisement. Scroll to continue reading.

Several flaws were exploited in attacks last year, including CVE-2024-43093, CVE-2024-50302, CVE‑2025‑27038, CVE-2025-48543, and CVE-2025-38352.

Google announced last week that it has significantly increased maximum bug bounty payouts for Android device vulnerabilities, offering up to $1.5 million for a zero-click Pixel Titan M exploit with persistence.

Related: Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users

Related: Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Related: Severe StrongBox Vulnerability Patched in Android

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.