CVE-2025-0074

9.8 CRITICAL

📋 TL;DR

This critical vulnerability in Android's Bluetooth stack allows remote attackers to execute arbitrary code without user interaction or additional privileges. It affects Android devices with vulnerable Bluetooth implementations, potentially impacting billions of devices worldwide.

💻 Affected Systems

Products:
  • Android devices with Bluetooth functionality
Versions: Android versions prior to March 2025 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Bluetooth must be enabled for exploitation. All Android devices with Bluetooth are potentially affected unless patched.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise, allowing an attacker to install persistent malware, steal sensitive data, and use the device as a pivot point in network attacks.

🟠 Likely Case

Remote code execution leading to data theft, surveillance capabilities, and device enrollment in botnets.

🟢 If Mitigated

Limited impact if Bluetooth is disabled or device is patched, though initial exploitation window remains critical.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

No user interaction required. Attacker needs to be within Bluetooth range (~10 meters).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: March 2025 Android Security Patch or later

Vendor Advisory: https://source.android.com/security/bulletin/2025-03-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update.
2. Install March 2025 security patch.
3. Reboot device.
4. Verify patch installation in Settings > About phone > Android version.

🔧 Temporary Workarounds

Disable Bluetooth

android

Turn off Bluetooth functionality to prevent exploitation

adb shell settings put global bluetooth_on 0
Or manually disable in Settings > Connected devices > Connection preferences > Bluetooth

Restrict Bluetooth visibility

android

Set device to non-discoverable mode to reduce attack surface

adb shell settings put global bluetooth_discoverability 0

🧯 If You Can't Patch

  • Disable Bluetooth completely when not in active use
  • Implement network segmentation to isolate vulnerable devices from critical systems

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version. If before March 2025, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows March 2025 or later. Check Bluetooth functionality remains operational.
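
An added example (not part of the original page or the vendor advisory): a shell helper that applies the patch-level check above to one device or a whole fleet. The 2025-03-01 threshold comes from the fix version stated on this page; the function names, the `--adb` switch and the sample serials are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Threshold from this page: March 2025 security patch.
FIXED_LEVEL="2025-03-01"

# Constructed sample inventory: serials and levels are made up.
SAMPLE='emulator-5554 2025-03-01
R58EXAMPLE01 2025-02-05
R58EXAMPLE02 2024-12-01
R58EXAMPLE03 unknown-build'

# classify_patch_level LEVEL -> prints patched | vulnerable | unknown
classify_patch_level() {
    # adb output can end in a carriage return; strip CR and whitespace.
    level=$(printf '%s' "$1" | tr -d '\r \t\n')
    # Accept only YYYY-MM-DD so an empty or odd value is never "patched".
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-1][0-9]-[0-3][0-9]) ;;
        *) echo unknown; return 0 ;;
    esac
    # With the dashes removed, ISO dates compare correctly as integers.
    if [ "$(printf '%s' "$level" | tr -d '-')" -ge \
         "$(printf '%s' "$FIXED_LEVEL" | tr -d '-')" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# audit_levels: reads "SERIAL LEVEL" lines on stdin, prints "SERIAL STATUS".
audit_levels() {
    while read -r serial level; do
        [ -n "$serial" ] || continue
        printf '%s %s\n' "$serial" "$(classify_patch_level "$level")"
    done
}

# collect_from_adb: emits "SERIAL LEVEL" for every device adb lists as ready.
collect_from_adb() {
    adb devices | awk 'NR>1 && $2=="device" {print $1}' | while read -r serial; do
        # </dev/null keeps adb from swallowing the remaining serials on stdin.
        printf '%s %s\n' "$serial" \
            "$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)"
    done
}

if [ "${1:-}" = "--adb" ]; then
    collect_from_adb | audit_levels
else
    printf '%s\n' "$SAMPLE" | audit_levels
fi
```

Run with `--adb` to query attached devices; without arguments it classifies the constructed sample. Devices reported as `unknown` need a manual check in Settings > About phone > Android version.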

📡 Detection & Monitoring

Log Indicators:

  • Unusual Bluetooth connection attempts
  • SDP (Service Discovery Protocol) anomalies in Bluetooth logs
  • Crash reports from com.android.bluetooth process

Network Indicators:

  • Anomalous Bluetooth traffic patterns
  • Unexpected SDP service advertisements
  • Multiple failed connection attempts from unknown devices

SIEM Query:

source="android_logs" AND process="com.android.bluetooth" AND (message="*use-after-free*" OR message="*SDP*" OR message="*crash*")
