How severe is CVE-2025-0092?

CVE-2025-0092 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-0092

Name: android
Author: google

6.5MEDIUM

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with

Publicado: 8/26/2025Actualizado: 9/2/2025

Descripción

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Análisis IAImpulsado por IA

Productos Afectados

googleandroid

12.0

googleandroid

12.1

googleandroid

13.0

googleandroid

14.0

googleandroid

15.0

Referencias

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/090ca53cc13c12e3763777a6a3c7367641e9808f
Product
https://source.android.com/security/bulletin/2025-03-01
Vendor Advisory