CVE-2025-32330: Information disclosure in Google Android
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-32330: Information disclosure in Google Android
Description
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- google_android
- Date Reserved
- 2025-04-04T23:30:30.732Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 68b9dcc588499799243c2f26
Added to database: 9/4/2025, 6:39:01 PM
Last updated: 9/4/2025, 6:39:01 PM
Views: 1
Related Threats
CVE-2025-48533: Elevation of privilege in Google Android
UnknownCVE-2025-48530: Remote code execution in Google Android
UnknownCVE-2025-22441: Elevation of privilege in Google Android
UnknownCVE-2025-48581: Elevation of privilege in Google Android
UnknownCVE-2025-48563: Elevation of privilege in Google Android
UnknownActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.