CVE-2023-35657 - Exploiting Type Confusion in `bta_av_config_ind` for Out-of-Bounds Reading
A serious security vulnerability was identified in the Android Bluetooth stack, specifically within the function bta_av_config_ind in the file bta_av_aact.
CVE-2025-22435 - Exploiting a Type Confusion Vulnerability in `avdt_msg_ind` (Bluetooth)
A new security vulnerability, CVE-2025-22435, has been identified in the AVRCP Bluetooth implementation, specifically in the avdt_msg_ind function found in avdt_msg.cc.
CVE-2024-49728 - How A Bluetooth Bug In Android Leaks Your Private Media Across Users
In June 2024, Google disclosed CVE-2024-49728, a critical vulnerability affecting Android’s Bluetooth file sharing (OBEX) functionality. The bug allows apps on a “non-owner” profile
CVE-2024-56193 - Bluetooth Adapter Info Leak via Permissions Bypass
CVE-2024-56193 is a newly disclosed vulnerability affecting certain Android devices, allowing a malicious local app to read sensitive details about the device’s Bluetooth adapter
CVE-2025-27840 - Espressif ESP32 Hidden HCI Commands Give Attackers Memory Write Access
Summary:
A new vulnerability, CVE-2025-27840, has been discovered affecting Espressif ESP32 chips. Researchers found that ESP32's Bluetooth Low Energy (BLE) stack supports 29
Episode
00:00:00
00:00:00