How severe is CVE-2025-0092?

CVE-2025-0092 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-0092

Name: android
Author: google

6.5MEDIUM

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with

게시됨: 8/26/2025업데이트됨: 9/2/2025

설명

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

AI 분석AI 기반

영향받는 제품

googleandroid

12.0

googleandroid

12.1

googleandroid

13.0

googleandroid

14.0

googleandroid

15.0

참조

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/090ca53cc13c12e3763777a6a3c7367641e9808f
Product
https://source.android.com/security/bulletin/2025-03-01
Vendor Advisory