CVE-2026-20970
📋 TL;DR
This vulnerability allows local attackers on Samsung devices to execute privileged APIs due to improper access control in SLocation. It affects Samsung devices running versions prior to the January 2026 security update. Attackers must have local access to the device to exploit this vulnerability.
💻 Affected Systems
- Samsung mobile devices with SLocation service
📦 What is this software?
Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →Android by Samsung
Android is Google's open-source mobile operating system powering over 3 billion devices worldwide, including smartphones, tablets, smart TVs, automotive systems, wearables, and IoT devices. As the world's dominant mobile OS with approximately 72% global market share, Android serves as the foundation...
Learn more about Android →⚠️ Risk & Real-World Impact
Worst Case
Local attacker gains full system privileges, potentially compromising device integrity, accessing sensitive data, or installing persistent malware.
Likely Case
Local attacker elevates privileges to access protected system functions, location data, or other restricted resources.
If Mitigated
With proper access controls and the patch applied, local users are restricted to their assigned privilege levels.
🎯 Exploit Status
Requires local access to the device. No public exploit code is known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: SMR Jan-2026 Release 1
Vendor Advisory: https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=01
Restart Required: Yes
Instructions:
1. Check for system updates in device Settings > Software update. 2. Download and install the January 2026 security update. 3. Restart the device after installation completes.
🔧 Temporary Workarounds
Disable SLocation service
androidTemporarily disable the vulnerable SLocation service to prevent exploitation
adb shell pm disable-user --user 0 com.samsung.android.location
🧯 If You Can't Patch
- Restrict physical access to devices and implement application allowlisting
- Monitor for suspicious privilege escalation attempts and unusual SLocation service activity
🔍 How to Verify
Check if Vulnerable:
Check device security patch level in Settings > About phone > Software information. If patch level is earlier than January 1, 2026, device is vulnerable.Check Version:
adb shell getprop ro.build.version.security_patchVerify Fix Applied:
Verify security patch level shows 'January 1, 2026' or later in device settings.📡 Detection & Monitoring
Log Indicators:
- Unusual SLocation service activity from non-system processes
- Privilege escalation attempts in system logs
- Unexpected API calls to privileged location functions
Network Indicators:
- Unusual location data transmission patterns
- Suspicious communication from SLocation service
SIEM Query:
process_name:"SLocation" AND event_type:"privilege_escalation" OR api_call:"privileged_location"