How severe is CVE-2025-0092?

CVE-2025-0092 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-0092

Name: android
Author: google

6.5MEDIUM

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with

发布于: 8/26/2025更新于: 9/2/2025

描述

In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

AI分析AI驱动

受影响产品

googleandroid

12.0

googleandroid

12.1

googleandroid

13.0

googleandroid

14.0

googleandroid

15.0

参考资料

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/090ca53cc13c12e3763777a6a3c7367641e9808f
Product
https://source.android.com/security/bulletin/2025-03-01
Vendor Advisory