PatchSiren cyber security CVE debrief
CVE-2026-0154 Google CVE debrief
A memory corruption vulnerability was discovered in the Modem component, which could be triggered by a SIP REFER request. This vulnerability, tracked as CVE-2026-0154, could potentially lead to remote code execution without requiring additional execution privileges. Notably, user interaction is not necessary for exploitation.
- Vendor
- Product
- Android
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-17
Who should care
This vulnerability affects users of devices with a vulnerable Modem component. As the vendor and specific products affected are not clearly identified, users of Android devices, particularly those with Pixel phones, should review the security bulletin for their device.
Technical summary
The vulnerability is caused by memory corruption in the Modem component during a SIP REFER request. This could lead to remote code execution with no additional execution privileges needed.
Defensive priority
High
Recommended defensive actions
- Review and apply security updates as soon as available from the device manufacturer.
- Use secure communication protocols and validate inputs to mitigate potential exploitation attempts.
Evidence notes
The CVE record and NVD detail pages provide official information about the vulnerability. A reference to the Android Security Bulletin for Pixel devices is also provided.
Official resources
-
CVE-2026-0154 CVE record
CVE.org
-
CVE-2026-0154 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-0154 was published on 2026-06-16T20:16:26.063Z and modified on 2026-06-16T20:42:25.013Z.