Android

Summary Field Value CVE ID CVE-2026-37762 Vulnerability Type Missing Authentication / Insecure Permissions CWE CWE-306, CWE-732 Attack Vector Network (Adjacent) CVSS v3.1 Base Score 8.8 (High) CVSS v3.1 Vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Assigned By MITRE Status Published Discovered By Mohammed Alzahrani Affected Products Field Value Device Skyworth SW-22AE NF (MediaTek m7332 platform) Firmware Build SW/SW6H_TG_NF/SW6H:11/RTT2.220103.001/20250701:user/release-keys Android Version 11 Security Patch 2025-06-01 Vulnerable App com.smartdevice.dailyshortcut (DailyHub) App Version 1.0.268.250721 (versionCode 1000268) System UID userId=1000 Code Path /system_ext/app/DailyHub Description The DailyHub system application (com.smartdevice.dailyshortcut), pre-installed on Skyworth Android TV devices, exposes two unauthenticated network services: ...