Code Execution Vulnerability in TECNO Pova7 Pro 5G Android Device
CVE-2026-0634

7.8HIGH

Key Information:

Vendor: Tecno Mobile
Status: Tecno Pova7 Pro 5g
Vendor: CVE Published:; 2 April 2026

🔔 Create Tecno Mobile Vulnerability Alert

What is CVE-2026-0634?

A vulnerability has been identified in the AssistFeedbackService of the TECNO Pova7 Pro 5G on Android, which allows local applications to exploit command injection techniques. This flaw provides the potential for arbitrary code execution as the system user, posing serious security implications.

Affected Version(s)

TECNO Pova7 Pro 5G Android HiOS V15.1.0

References

https://security.tecno.com/SRC/securityUpdates

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2026
Vulnerability Reserved
Jan 6, 2026

CVE-2026-0634 Data

JSON