Android Bluetooth Auracast Audio Stream Interception Vulnerability

Vulnerability

A vulnerability in the Bluetooth LE broadcast feature of Android has been identified, allowing for the interception of Auracast audio streams. This issue arises from an insecure default value in the password generation process, which could lead to remote information disclosure. The vulnerability does not require any additional execution privileges or user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized interception of audio streams, leading to potential information disclosure.

Remediation

Users can update their devices to the September 2025 security patch level to address this vulnerability.
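A check for the remediation above, added here as an example (it is not part of the original advisory): it classifies devices by their reported security patch level. It assumes the level is read from the ro.build.version.security_patch property in YYYY-MM-DD form and that any level dated September 2025 or later contains the fix; the function names and the sample inventory are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag Android devices below the September 2025 patch level.
# Assumption: the level comes from ro.build.version.security_patch, e.g.
#   adb -s <serial> shell getprop ro.build.version.security_patch
# Assumption: any level in 2025-09 or later includes the fix.
REQUIRED_YM=202509   # September 2025, from the advisory's remediation text

# patch_status LEVEL -> prints "patched", "vulnerable" or "unknown"
patch_status() {
    level=$(printf '%s' "$1" | tr -d '\r ')   # adb output may carry a CR
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;           # empty or malformed value
    esac
    ym=$(printf '%s' "$level" | cut -c1-4,6-7) # 2025-09-01 -> 202509
    if [ "$ym" -ge "$REQUIRED_YM" ]; then echo patched; else echo vulnerable; fi
}

# audit_inventory: reads "serial level" lines on stdin and prints every
# device that is not confirmed patched as "serial status level".
audit_inventory() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        status=$(patch_status "$level")
        [ "$status" = patched ] || \
            printf '%s %s %s\n' "$serial" "$status" "${level:-none}"
    done
}

# Constructed sample inventory (not real devices); the last entry
# reports no patch level at all and must not be treated as patched.
sample_inventory() {
    cat <<'EOF'
emulator-5554 2025-09-01
R58N000AAA 2025-08-05
0A1B2C3D 2025-10-05
ZY22XXXX
EOF
}

sample_inventory | audit_inventory
```

Devices that report no patch level or a malformed one are listed as unknown rather than patched, so they still get reviewed.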

Added: Sep 4, 2025, 7:43 PM
Updated: Sep 4, 2025, 7:43 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 5.6
remediation: 0.0
relevance: 0.5
threat: 3.2
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.