CVE-2026-20980
MEDIUMSamsung Android PACM Before SMR Feb-2026 Release 1 - Physical Command Execution
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2026-20980. PoCs published by Vikramaditya015.
AI-analyzed exploit summary This repository contains a functional local privilege escalation (LPE) exploit for a Samsung Android vulnerability (CVE-2026-20982). The exploit leverages a binder transaction vulnerability in the `IShortcutService` to achieve arbitrary file write and ultimately escalate privileges by manipulating the `packages.xml` file.
Description
Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.
Exploits (1)
This repository contains a functional local privilege escalation (LPE) exploit for a Samsung Android vulnerability (CVE-2026-20982). The exploit leverages a binder transaction vulnerability in the `IShortcutService` to achieve arbitrary file write and ultimately escalate privileges by manipulating the `packages.xml` file.
References (1)
Scores
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H