Primary

Context

Samsung Mobile PACM Improper Input Validation Vulnerability Allowing Arbitrary Command Execution

Vulnerability

A vulnerability exists in Samsung Mobile devices running Android 14, 15, or 16, specifically within the PACM component, prior to the February 2026 Security Maintenance Release. This vulnerability allows a physical attacker to execute arbitrary commands due to improper input validation. The issue has been privately disclosed and is part of a broader security update that includes patches for various vulnerabilities.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands, potentially allowing a physical attacker to manipulate device functionality or access sensitive information.

Remediation

Users can apply the February 2026 Security Maintenance Release to address this vulnerability. This update is part of the regular monthly security update process for Samsung Mobile devices.

Added: Feb 4, 2026, 7:24 AM

Updated: Feb 4, 2026, 7:24 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Mobile PACM Improper Input Validation Vulnerability Allowing Arbitrary Command Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating