How severe is CVE-2025-0092?

CVE-2025-0092 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-0092

Name: android
Author: google

6.5MEDIUM

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with

Veröffentlicht: 8/26/2025Aktualisiert: 9/2/2025

Beschreibung

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

KI-AnalyseKI-gestützt

Betroffene Produkte

googleandroid

12.0

googleandroid

12.1

googleandroid

13.0

googleandroid

14.0

googleandroid

15.0

Referenzen

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/090ca53cc13c12e3763777a6a3c7367641e9808f
Product
https://source.android.com/security/bulletin/2025-03-01
Vendor Advisory