CVE Catalog

CVE-2026-0019

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

0th percentile — higher than 0% of all known CVEs

Summary

In SettingsLib, there is a logic error that may allow disabling system components. This could lead to local escalation of privilege without the need for additional execution privileges.

Risk Assessment

The organization may be exposed to local privilege escalation, potentially leading to unauthorized access to the system.

Recommendation

It is recommended to review and fix the code in SettingsLib to eliminate the logic error and to monitor the system for unauthorized changes.

Original NVD description (English source)

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS