Primary

Context

Samsung LeAudioService Improper Access Control Vulnerability Allowing Auracast Manipulation

Vulnerability

A vulnerability exists in the LeAudioService component of Samsung devices running Android 14 and 15, prior to the July 2025 Security Maintenance Release. This vulnerability allows local attackers to interfere with Auracast broadcasting by manipulating its controls. The issue stems from improper access control, which the July 2025 update has addressed by implementing the necessary access restrictions.

Impact

Exploitation of this vulnerability could disrupt Auracast broadcasting, potentially leading to unauthorized manipulation of audio streaming features.

Remediation

Users can apply the July 2025 Security Maintenance Release to address this vulnerability. This update is part of the regular monthly security patch process and includes all necessary fixes from Samsung and Google.

Added: Jul 8, 2025, 12:02 PM

Updated: Jul 8, 2025, 12:02 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung LeAudioService Improper Access Control Vulnerability Allowing Auracast Manipulation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating