Описание
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00019
Низкий
4 Medium
CVSS3
4.3 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-280
CWE-755
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.
EPSS
Процентиль: 4%
0.00019
Низкий
4 Medium
CVSS3
4.3 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-280
CWE-755