CVE-2025-26453
📋 TL;DR
This vulnerability in Android's Bluetooth file sharing component allows unauthorized access to files across user profiles on the same device. It affects Android devices with multiple user profiles where Bluetooth file sharing is enabled. The flaw enables local information disclosure without requiring user interaction or elevated privileges.
💻 Affected Systems
- Android
📦 What is this software?
Android by Google
Android by Google
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
Sensitive files from one user profile could be accessed by another user profile on the same device, potentially exposing personal data, documents, or credentials.
Likely Case
Limited data leakage between user profiles on shared devices, such as work profiles accessing personal profile files or vice versa.
If Mitigated
With proper user profile separation and Bluetooth restrictions, impact would be minimal to none.
🎯 Exploit Status
Exploitation requires local access to the device and knowledge of the vulnerability, but no user interaction or special privileges.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Android Security Patch Level June 2025 or later
Vendor Advisory: https://source.android.com/security/bulletin/2025-06-01
Restart Required: No
Instructions:
1. Check for system updates in Settings > System > System update. 2. Install the June 2025 Android security patch or later. 3. Verify the patch level in Settings > About phone > Android version > Security patch level.
🔧 Temporary Workarounds
Disable Bluetooth file sharing
allPrevent Bluetooth file transfer functionality to mitigate the vulnerability
Restrict user profile switching
allLimit or disable multiple user profiles on shared devices
🧯 If You Can't Patch
- Disable Bluetooth completely on affected devices
- Implement strict access controls preventing unauthorized users from accessing devices
🔍 How to Verify
Check if Vulnerable:
Check Security Patch Level in Settings > About phone > Android version. If before June 2025, device is vulnerable.Check Version:
adb shell getprop ro.build.version.security_patchVerify Fix Applied:
Verify Security Patch Level shows June 2025 or later after applying updates.📡 Detection & Monitoring
Log Indicators:
- Unusual Bluetooth file transfer attempts between user profiles
- Access violations in Bluetooth service logs
Network Indicators:
- Bluetooth file transfer activity patterns matching exploitation
SIEM Query:
source="android_logs" AND (process="bluetooth" OR service="bluetooth") AND (event="file_transfer" OR event="access_violation")