CVE-2026-0073

Name of the Vulnerable Software and Affected Versions Android versions 14 through 16

Description A logic error in the adbd tls verify cert function within auth.cpp of the Android Debug Bridge daemon (adbd) allows a bypass of wireless ADB mutual authentication. This is a zero-click vulnerability that requires no user interaction, such as clicking links or installing applications. An attacker in physical proximity or on the same local network can exploit this flaw to achieve remote code execution as the shell user. Technical analysis indicates the issue involves a heap-based buffer overflow caused by an integer underflow when the adbd daemon parses malformed service discovery headers during mDNS (Multicast DNS) or SSDP (Simple Service Discovery Protocol) negotiation. This allows the attacker to overwrite memory and redirect execution flow to a shellcode payload, granting immediate terminal access to the device.

Recommendations Update to the May 2026 security patch (2026-05-01 or later). Disable the "Wireless debugging" feature in Settings > System > Developer options. Restrict access to the adbd daemon by disabling Developer Options via Enterprise Mobility Management (EMM) for corporate devices.