How severe is CVE-2025-0092?

CVE-2025-0092 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-0092

Name: android
Author: google

6.5MEDIUM

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with

Published: 8/26/2025Updated: 9/2/2025

Description

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

AI AnalysisPowered by AI

Affected Products

googleandroid

12.0

googleandroid

12.1

googleandroid

13.0

googleandroid

14.0

googleandroid

15.0

References

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/090ca53cc13c12e3763777a6a3c7367641e9808f
Product
https://source.android.com/security/bulletin/2025-03-01
Vendor Advisory