¡¾·ì϶¹«¸æ¡¿Android ADB ÈÏÖ¤Èƹý·ì϶(CVE-2026-0073)

°ä²¼¹¦·ò 2026-05-06

Ò»¡¢¡¢¡¢·ì϶¸ÅÊö


·ì϶Ãû³Æ

Android ADB ÈÏÖ¤Èƹý·ì϶

CVE   ID

CVE-2026-0073

·ì϶ÀàÐÍ

ÈÏÖ¤Èƹý

·¢ÏÖ¹¦·ò

2026-5-6

·ì϶ÆÀ·Ö

8.8

·ì϶µÈ¼¶

¸ßΣ

¹¥»÷ÏòÁ¿

¾ÖÓòÍø

ËùÐèȨÏÞ

ÎÞ

ÀûÓÃÄѶÈ

µÍ

Óû§½»»¥

²»±ØÒª

PoC/EXP

Òѹ«¿ª

ÔÚÒ°ÀûÓÃ

δ·¢ÏÖ


AndroidÊÇGoogleÍƳöµÄÒƶ¯²Ù×÷ϵͳ£¬£¬£¬¿í·ºÀûÓÃÓÚÖÇÄÜÊÖ»ú¡¢¡¢¡¢Æ½°å¼°Ç¶ÈëʽÉ豸£¬£¬£¬Ìṩ¸øÓ÷¨Ê½ÖÎÀí¡¢¡¢¡¢Ó²¼þÇý¶¯¡¢¡¢¡¢ÏµÍ³°²È«ºÍÍøÂçͨѶְÄÜ£¬£¬£¬Ö§³Öwireless ADBµ÷ÊÔ¼°Ô¶³ÌÖÎÀí¡£¡£


2026Äê5ÔÂ6ÈÕ£¬£¬£¬OG¶«·½Ìü°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½Android ADBÈÏÖ¤Èƹý·ì϶¡£¡£¸Ã·ì϶´æÔÚÓÚplatform/packages/modules/adb/daemon/auth.cppÎļþÖУ¬£¬£¬ÓÉÓÚadbd_tls_verify_certʹÓÃEVP_PKEY_cmpÑéÖ¤¿Í»§¶ËÖ¤Ê鹫ԿʱºöÂÔ¿çËã·¨±ÈÁ¦·µ»ØÖµ£¬£¬£¬µ¼Ö¹¥»÷Õß¿ÉÔÚÎÞÐèÓû§½»»¥Çé¿öÏÂÈƹýÉí·ÝÑéÖ¤£¬£¬£¬Í¨¹ýÌṩ·ÇRSA TLS¿Í»§¶ËÖ¤Êé³ÉΪÊÚȨADB host²¢»ñÈ¡shellÓû§È¨ÏÞ£¬£¬£¬´Ó¶øÔ¶³Ì½Ó¼ûϵͳµ÷ÊÔ½Ó¿Ú£¬£¬£¬¶ÁÈ¡Ãô¸ÐÐÅÏ¢¡¢¡¢¡¢Ö´ÐкÅÁî¡¢¡¢¡¢Åú¸ÄÅäÖ㬣¬£¬¿ÉÄÜÎ¥·´Êý¾Ý±£»£»¤ºÍÆóÒµ°²È«Õþ²ß£¬£¬£¬¶Ô»ú¹¹ºÍÓû§°²È«Ôì³ÉÑÏÖØÓ°Ïì¡£¡£


¶þ¡¢¡¢¡¢Ó°ÏìÁìÓò


Android 14 < 2026-05-01°²È«²¹¶¡
Android 15 < 2026-05-01°²È«²¹¶¡
Android 16 < 2026-05-01°²È«²¹¶¡
Android 16-qpr2 < 2026-05-01°²È«²¹¶¡


Èý¡¢¡¢¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


¹Ù·½ÒÑ°ä²¼ÐÞ¸´²¹¶¡£¬£¬£¬ÒÔÐÞ¸´¸Ã·ì϶¡£¡£
×°ÖÃAndroidϵͳ°²È«²¹¶¡2026-05-01»ò¸ü¸ß°æ±¾£¬£¬£¬È·±£adbd×Ó×é¼þÒÑÐÞ¸´·ì϶


ÏÂÔØÁ´½Ó£º£ºhttps://source.android.com/docs/security/bulletin/2026/2026-05-01?hl=zh-cn/


3.2 һʱ´ëÊ©


ÔÝÎÞ¡£¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬Ï÷¼õϵͳ·ì϶£¬£¬£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£¡£
? ¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÖÆ£¬£¬£¬Åú¸Ä·À»ðǽսÊõ£¬£¬£¬¹Ø±Õ·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬£¬£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢¡¢¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬£¬£¬Ï÷¼õ¹¥»÷Ãæ¡£¡£
? Ê¹ÓÃÆóÒµ¼¶°²È«²úÆ·£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£¡£
? ¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬ÆôÓöà³É·ÖÈÏÖ¤»úÖƺÍ×îСȨÏÞ×¼Ôò£¬£¬£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏ޶ȡ£¡£
? ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£¡£


3.4 ²Î¿¼Á´½Ó


https://source.android.com/docs/security/bulletin/2026/2026-05-01?hl=zh-cn/
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/