Home / Vulnerability Intelligence / CVE-2026-0010

CVE-2026-0010 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 3, 2026

IDrmManagerService - Privilege Escalation

Published: March 2, 2026Updated: March 3, 2026

Overview

IDrmManagerService contains an out of bounds write caused by missing bounds check in onTransact, letting local attackers escalate privileges without additional execution rights, exploit requires no user interaction.

Severity & Score

Severity: High

CVSS Score: 8.4

EPSS Score: 0.6%(Probability of exploitation in next 30 days)

Impact

Local attackers can escalate privileges, potentially gaining unauthorized access or control over the system.

Mitigation

Update to the latest version containing the fix.

References

https://source.android.com/security/bulletin/2026-03-01

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 3, 2026

🟠 CVE-2026-0010 - High (8.4) In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exp... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0010/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-0010
Severity: High
CVSS Score: 8.4
Type: out_of_bounds_rw
Status: modified
EPSS: 0.6%
Social Posts: 1

CWE

CWE-787

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.6%Probability of exploitation in the next 30 days