Android Settings: Improper Intent Verification by Broadcast Receiver
CVE-2026-20988 Published on March 16, 2026

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability.

NVD

Products Associated with CVE-2026-20988

Want to know whenever a new CVE is published for Samsung Mobile Devices? stack.watch will email you.

Samsung Mobile Devices

Affected Versions

Samsung Mobile Devices Version SMR Mar-2026 Release in Android 16 is unaffected by CVE-2026-20988

Exploit Probability

EPSS

0.01%

Percentile

2.47%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Android Settings: Improper Intent Verification by Broadcast ReceiverCVE-2026-20988 Published on March 16, 2026

Products Associated with CVE-2026-20988

Affected Versions

Exploit Probability

Android Settings: Improper Intent Verification by Broadcast Receiver
CVE-2026-20988 Published on March 16, 2026