Vulnerability Details CVE-2025-0092
In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.3%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2025-0092
-
cpe:2.3:o:google:android:12.0
-
cpe:2.3:o:google:android:12.1
-
cpe:2.3:o:google:android:13.0
-
cpe:2.3:o:google:android:14.0
-
cpe:2.3:o:google:android:15.0