Home / Vulnerability Intelligence / CVE-2026-0010

CVE-2026-0010 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 3, 2026

IDrmManagerService - Privilege Escalation

Published: March 2, 2026Updated: March 3, 2026

Overview

IDrmManagerService contains an out of bounds write caused by missing bounds check in onTransact, letting local attackers escalate privileges without additional execution rights, exploit requires no user interaction.

Severity & Score

Severity: High

CVSS Score: 8.4

Impact

Local attackers can escalate privileges, potentially gaining unauthorized access or control over the system.

Mitigation

Update to the latest version containing the fix.

References

https://source.android.com/security/bulletin/2026-03-01

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-0010
Severity: High
CVSS Score: 8.4
Type: out_of_bounds_rw
Status: confirmed

CWE

CWE-787

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H