PatchSiren

CVE-2017-0426 Google CVE debrief

CVE-2017-0426 is an Android Filesystem information disclosure vulnerability that could let a local malicious application access data beyond its permissions. The issue is rated Moderate / Medium and affects Android 7.0, 7.1.0, and 7.1.1. Based on the published CVSS vector, successful abuse requires local access and user interaction, and the impact is confidentiality-only, with no integrity or availability impact recorded in the supplied record.

Vendor: Google
Product: CVE-2017-0426
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-08
Original CVE updated: 2026-05-13
Advisory published: 2017-02-08
Advisory updated: 2026-05-13

Who should care

Android security teams, device administrators, app platform maintainers, and organizations that manage Android 7.0/7.1.x devices should care because the flaw can expose sensitive data to an unprivileged local app.

Technical summary

The supplied NVD record classifies the weakness as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The CVSS v3.0 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N, indicating a local attack path, low complexity, no privileges required, user interaction required, and high confidentiality impact. The affected CPEs listed are Android 7.0, 7.1.0, and 7.1.1. The vendor reference points to the Android security bulletin dated 2017-02-01.

Defensive priority

Medium. This is not an execution or privilege-escalation bug, but it can expose sensitive data without permission, so exposed Android fleets should be patched promptly.

Recommended defensive actions

  • Review Android 7.0, 7.1.0, and 7.1.1 device inventories to determine exposure to this CVE.
  • Apply the Android security bulletin updates referenced in the vendor advisory for affected devices.
  • Prioritize remediation on devices that handle sensitive corporate or personal data.
  • Treat untrusted local app installations and sideloading as a higher-risk condition while remediation is pending.
  • Use the NVD and Android bulletin references to confirm whether a given device build includes the fix.

Evidence notes

The debrief is based on the supplied NVD record and referenced Android security bulletin. The record states that CVE-2017-0426 is an information disclosure in the Filesystem that allows a local malicious application to access data outside its permission levels. The published CVSS vector is CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N, and the affected Android versions listed in the CPE criteria are 7.0, 7.1.0, and 7.1.1. The source timeline shows the CVE published on 2017-02-08 and later modified on 2026-05-13; the issue date should be treated as the 2017 publication date, not the later modification date.

Official resources

Publicly disclosed in the CVE/NVD record on 2017-02-08, with the Android security bulletin reference dated 2017-02-01 providing vendor context.