Affected Products
| Vendor | Product | Versions |
|---|---|---|
| platform | packages/modules/Bluetooth | 14, 13, 14:0 |
| platform | system/bt | 12, 12L:0, 12L |
Timeline
- Mar 1, 2025 CVE Published
- May 7, 2026 CVE Updated
In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
| Vendor | Product | Versions |
|---|---|---|
| platform | packages/modules/Bluetooth | 14, 13, 14:0 |
| platform | system/bt | 12, 12L:0, 12L |