CVE-2026-0634
HIGHCode Execution in AssistFeedbackService on TECNO Pova7 Pro 5G
Title source: cnaDescription
Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection.
References (1)
Scores
CVSS v3
7.8
EPSS
0.0005
EPSS Percentile
16.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-88
Status
published
Products (1)
TECNO Mobile/TECNO Pova7 Pro 5G
HiOS V15.1.0
Published
Apr 02, 2026
Tracked Since
Apr 02, 2026