CVE-2021-0965
📋 TL;DR
This vulnerability allows an attacker to pair Bluetooth devices with an Android device without user consent due to a missing permission check in the Settings app. It affects Android devices running versions 9 through 12, enabling local privilege escalation without requiring user interaction or additional execution privileges.
💻 Affected Systems
- Android Settings application
📦 What is this software?
Android by Google
Android by Google
Android by Google
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
An attacker could pair malicious Bluetooth devices that intercept communications, inject malware, or perform man-in-the-middle attacks, potentially compromising sensitive data and device integrity.
Likely Case
Malicious apps could silently pair with Bluetooth peripherals to eavesdrop on audio, capture keystrokes from Bluetooth keyboards, or exfiltrate data through paired devices.
If Mitigated
With proper patching, the vulnerability is eliminated, requiring explicit user consent for all Bluetooth pairing operations as intended by Android's security model.
🎯 Exploit Status
Exploitation requires a malicious app to be installed on the device; no public exploit code has been disclosed, but the vulnerability is straightforward to exploit once understood.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Android Security Bulletin December 2021 patches
Vendor Advisory: https://source.android.com/security/bulletin/2021-12-01
Restart Required: Yes
Instructions:
1. Apply the December 2021 Android security patch from device manufacturer. 2. Update Android OS to latest available version. 3. Reboot device after update installation.
🔧 Temporary Workarounds
Disable Bluetooth when not in use
androidTurn off Bluetooth to prevent any pairing attempts while vulnerability exists
Settings > Connected devices > Connection preferences > Bluetooth > Toggle off
Restrict app permissions
androidReview and restrict Bluetooth permissions for all installed applications
Settings > Apps > [App Name] > Permissions > Nearby devices > Deny
🧯 If You Can't Patch
- Disable Bluetooth completely in device settings
- Implement mobile device management (MDM) policies to block Bluetooth pairing and restrict app installations
🔍 How to Verify
Check if Vulnerable:
Check Android version in Settings > About phone > Android version. If version is 9, 10, 11, or 12 and security patch level is before December 2021, device is vulnerable.Check Version:
Settings > About phone > Android versionVerify Fix Applied:
Verify Android security patch level is December 2021 or later in Settings > About phone > Android security patch level.📡 Detection & Monitoring
Log Indicators:
- Unexpected Bluetooth pairing events in system logs
- Bluetooth pairing attempts without user interaction logs
Network Indicators:
- Unauthorized Bluetooth device connections
- Unexpected Bluetooth traffic patterns
SIEM Query:
source="android_system" event_type="bluetooth_pairing" user_interaction="false"