Critical Severity Vulnerability
This vulnerability has been rated as Critical severity. Immediate action is recommended.
CVE-2026-0120
Critical
Low
Medium
High
Critical
9.8
CVSS Score
Vulnerability Description
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
1 configuration(s) from 1 vendor(s)
android
Version:
-
CPE:
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
This vulnerability affects 1 software configuration(s). Ensure you patch all affected systems.
Severity Details
9.8
out of 10.0
Critical
Weakness Type (CWE)
CWE-787
Top 25 #2
Out-of-bounds Write
- Description
- The product writes data past the end, or before the beginning, of the intended buffer.
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Base
Key Information
- Published Date
- March 10, 2026
