Remote Code Execution Vulnerability in Bluetooth of Android Devices
CVE-2025-48593
What is CVE-2025-48593?
This vulnerability in the Bluetooth functionality of Android devices is a use-after-free condition in the bta_hf_client_cb_init function that can lead to potential remote code execution. Attackers can exploit it without needing additional execution privileges or user interaction, compromising the integrity and security of affected devices. Users are advised to apply the latest security updates to mitigate the risks associated with this vulnerability.
Affected Version(s)
Android 16
Android 15
Android 14
News Articles
CERT-In Issues High Alert for Millions of Android Users in India: Who’s at Risk and How to Stay Safe - The Logical Indian
CERT-In warns millions of Android users in India to update November 2025 security patches urgently to fix critical zero-click vulnerability.
1 week ago
CVE-2025-48593: Critical Zero-Click Vulnerability in Android Enables Remote Code Execution | SOC Prime
Explore CVE-2025-48593 analysis, a critical remote code execution vulnerability in Android, with the details on the SOC Prime blog.
2 weeks ago
Critical Android 0-Click Vulnerability Enables Remote Code Execution
The vulnerability, tracked as CVE-2025-48593, represents a severe risk to Android devices worldwide and affects multiple versions of the operating system.
2 weeks ago