Unrated

Persistent denial of service in Android Framework AndroidManifest.xml

IdentifiersCVE-2026-28573CWE-862

CVE-2026-28573 is a high-severity Android Framework vulnerability affecting AOSP versions 14 and 16, as described in the June 2026 Wear OS Security Bulletin. The issue is attributed to a missing permission check in AndroidManifest.xml. According to the provided content, this authorization flaw can be abused to trigger a persistent denial of service condition on the affected device. The bulletin states that exploitation does not require additional execution privileges and does not require user interaction.

For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can cause a local persistent denial of service on an affected Android/Wear OS device. Based on the provided content, the attacker can disrupt normal device operation without needing elevated privileges or user interaction, potentially leaving the device in a repeatedly failing or unusable state until corrective action or an update is applied.

Mitigation

If you can’t patch tonight, do this now.

Where immediate patching is not possible, reduce exposure by restricting access to the affected local attack surface, reviewing and tightening application/component permissions, and ensuring relevant platform security updates and Google Play system updates are installed where available. The provided content specifically points to implementing permission checks and validating access controls as the relevant defensive measures.

Remediation

Patch, then assume compromise.

Apply the fixes provided in the June 2026 Wear OS Security Bulletin and the associated June 2026 Android Security Bulletin security patch level 2026-06-05 or later, as made available by the device supplier. The provided content also indicates the underlying issue should be corrected by adding the necessary permission checks in AndroidManifest.xml and validating access controls for the affected sensitive operation.

PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

ACTIVITY FEED

Recent activity

8 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

8 SOURCESView more in app

cvefeed high severityNews

Jun 18, 2026

CVE-2026-28573 - Android Persistent Denial of Service

A critical Android vulnerability involving a missing permission check in AndroidManifest.xml that can cause persistent denial of service.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.

Start free trial

Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity6

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES

MITRE CVE

cve.org · CVE-2026-28573

NVD

nvd.nist.gov/vuln/detail/CVE-2026-28573

MITRE CWE · CWE-862

cwe.mitre.org