CVE-2026-20981
MEDIUMFacAtFunction <SMR Feb-2026 Release 1 - Command Injection
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2026-20981. PoCs published by Vikramaditya015.
AI-analyzed exploit summary This repository contains a functional local privilege escalation (LPE) exploit for a Samsung Android vulnerability (CVE-2026-20982). The exploit leverages a vulnerable Binder transaction in the `IShortcutService` to achieve arbitrary file write and ultimately escalate privileges by manipulating the `packages.xml` file.
Description
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
Exploits (1)
This repository contains a functional local privilege escalation (LPE) exploit for a Samsung Android vulnerability (CVE-2026-20982). The exploit leverages a vulnerable Binder transaction in the `IShortcutService` to achieve arbitrary file write and ultimately escalate privileges by manipulating the `packages.xml` file.
References (1)
Scores
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H