Android Bluetooth Stack Unencrypted Communication Vulnerability in BLE Security Handling
Vulnerability
A vulnerability exists in the Android Bluetooth stack, in its Bluetooth Low Energy (BLE) security management code. Improper error handling in multiple functions of the file 'btm_ble_sec.cc' can lead to unencrypted communication. The flaw allows remote information disclosure with no additional execution privileges and no user interaction required.
Impact
Exploitation of this vulnerability could result in unauthorized access to sensitive information transmitted over Bluetooth, potentially leading to privacy breaches or unauthorized data interception.
Added: Mar 2, 2026, 7:48 PM
Updated: Mar 2, 2026, 10:14 PM
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 4.9
remediation: 0.0
relevance: 3.4
threat: 0.0
urgency: 2.9
incentive: 0.0
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
