CVE-2024-0028 – This vulnerability in Android's Audio Service a... (How to Fix)

Q: What is the severity of CVE-2024-0028?

CVE-2024-0028 has a CVSS score of 5.5 (MEDIUM). This vulnerability in Android's Audio Service allows local attackers to obtain MAC addresses of nearby Bluetooth devices without proper permission checks. It enables local privilege escalation without requiring user interaction. Affects Android devices with vulnerable Audio Service implementations.

📋 TL;DR

This vulnerability in Android's Audio Service allows local attackers to obtain MAC addresses of nearby Bluetooth devices without proper permission checks. It enables local privilege escalation without requiring user interaction. Affects Android devices with vulnerable Audio Service implementations.

💻 Affected Systems

Products:

Android devices with vulnerable Audio Service

Versions: Android versions prior to security patch addressing CVE-2024-0028

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Bluetooth capability and vulnerable Audio Service implementation.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could track device locations, perform Bluetooth-based attacks, and potentially chain with other vulnerabilities for further system compromise.

🟠

Likely Case

Unauthorized Bluetooth device discovery leading to privacy violations and potential device tracking.

🟢

If Mitigated

Limited to Bluetooth MAC address exposure without further system access.

🌐 Internet-Facing: LOW - Requires local access to device.

🏢 Internal Only: MEDIUM - Malicious apps or users on device can exploit without permissions.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local app installation or access, but no user interaction needed for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch that includes fix for CVE-2024-0028

Vendor Advisory: https://source.android.com/security/bulletin/android-16

Restart Required: No

Instructions:

1. Check for Android system updates in Settings > System > System update. 2. Install latest security patch. 3. Verify patch level includes CVE-2024-0028 fix.

🔧 Temporary Workarounds

Disable Bluetooth when not in use

Android

Reduces attack surface by limiting Bluetooth availability

Settings > Connected devices > Connection preferences > Bluetooth > Turn off

Restrict app permissions

Android

Review and limit Bluetooth permissions for installed apps

Settings > Apps > [App Name] > Permissions > Nearby devices > Deny

🧯 If You Can't Patch

Disable Bluetooth completely in device settings
Use device management policies to restrict Bluetooth access

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version > Security patch level

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level is dated after the CVE-2024-0028 fix release

📡 Detection & Monitoring

Log Indicators:

Unusual Bluetooth service access attempts
Permission denial logs for Bluetooth operations

Network Indicators:

Excessive Bluetooth discovery requests from single app

SIEM Query:

source="android_logs" AND (event="bluetooth_permission_denied" OR event="unauthorized_bluetooth_access")

📊 Metadata

CVE ID: CVE-2024-0028

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-862

EPSS Score: 0.01% exploit probability (0.2th percentile)

Published: September 5, 2025

Last Updated: September 8, 2025

🔗 References

https://source.android.com/security/bulletin/android-16 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-0028, you might also want to check these: