Red Magic 11 Pro allows non-privileged apps to access sensitive areas

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.0

Red Magic 11 Pro allows non-privileged apps to access sensitive areas

CVE-2026-40002

Summary

The Red Magic 11 Pro smartphone has a security flaw that lets malicious apps access areas of the phone they shouldn't be able to. This means an attacker could potentially write files to areas of the phone they shouldn't be able to and change important settings. You should update your phone to the latest software to fix this issue.

Original title

Original description

Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific partitions and set writable system properties.

nvd CVSS3.1 5.0

Vulnerability type

CWE-269 Improper Privilege Management

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517...

Published: 17 Apr 2026 · Updated: 17 Apr 2026 · First seen: 17 Apr 2026