Information Disclosure in OPPO Clone Phone Due to Weak WiFi Hotspot Password
CVE-2025-27387

7.4HIGH

Key Information:

Vendor: Oppo
Status: Coloros
Vendor: CVE Published:; 23 June 2025

What is CVE-2025-27387?

The OPPO Clone Phone app has a vulnerability that exposes sensitive data due to the use of a weak password for its WiFi hotspot feature. This weakness allows unauthorized individuals to intercept and access data transferred between devices, posing a significant risk to user privacy and data integrity. Users should be aware of this issue and take necessary precautions to secure their information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ColorOS 15.0.2 and below

References

https://security.oppo.com/en/noticeDetail?notice_only_key...

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Feb 24, 2025

JSON

Oppo

What is CVE-2025-27387?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.