← All stories

CIS Advisories

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

2026-03-04 · Read original ↗

ATT&CK techniques detected

6 predictions

T1068Exploitation for Privilege Escalation

75%

"##lnerabilities in kernel that could allow for elevation of privilege. ( cve - 2024 - 43859, cve - 2026 - 0037, cve - 2026 - 0038, cve - 2025 - 38616, cve - 2025 - 38618, cve - 2025 - 39682, cve - 2025 - 39946, cve - 2026 - 0029, cve - 2026 - 0027, cve - 2026 - 0028, cve - 2026 -…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1203Exploitation for Client Execution

67%

"google android os, the most severe of which could allow for remote code execution in the context of the affected component. following the mitre att & ck framework, exploitation of these vulnerabilities can be classified as follows : tactic : execution ( ta0002 ) technique : explo…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1588.006Vulnerabilities

56%

"##4, cve - 2026 - 0015 ) * multiple vulnerabilities in system that could allow for denial of service. ( cve - 2025 - 48631, cve - 2025 - 48585, cve - 2025 - 48587, cve - 2025 - 48609 ) * multiple vulnerabilities in system that could allow for information disclosure. ( cve - 2024 …"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1588.006Vulnerabilities

49%

"- 47397, cve - 2025 - 47398, cve - 2025 - 59600, cve - 2026 - 21385 ) * multiple vulnerabilities in qualcomm closed - source components. ( cve - 2025 - 47339, cve - 2025 - 47346, cve - 2025 - 47348, cve - 2025 - 47366, cve - 2025 - 47378, cve - 2025 - 47385, cve - 2025 - 47395, c…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1068Exploitation for Privilege Escalation

40%

", cve - 2025 - 48645, cve - 2025 - 48646, cve - 2025 - 48654, cve - 2026 - 0007, cve - 2026 - 0008, cve - 2026 - 0010, cve - 2026 - 0011, cve - 2026 - 0013, cve - 2026 - 0020, cve - 2026 - 0023, cve - 2026 - 0026, cve - 2026 - 0034 ) * a vulnerability in system that could allow f…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

T1190Exploit Public-Facing Application

31%

"enterprise assets through automated patch management on a monthly, or more frequent, basis. o safeguard 7. 5 : perform automated vulnerability scans of internal enterprise assets : perform automated vulnerability scans of internal enterprise assets on a quarterly, or more frequen…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

Summary

<p>Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.<strong> </strong></p>