CVE-2025-48593

HIGH

bta_hf_client - Use After Free

Title source: llm

Description

In bta_hf_client_cb_init of bta_hf_client_main.cc (the Hands-Free Profile client in the Android Bluetooth stack), there is a possible remote code execution due to a use-after-free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. "Remote" here means within Bluetooth range: the CVSS vector below rates the attack vector as adjacent network, not network.
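The description names the weakness class (CWE-416) and the function where the control block is initialised, but not the defect itself. The following C program is an added illustration of why a use-after-free in a control-block lifecycle becomes a code-execution primitive, and of one hardening pattern against it; it is not the AOSP bta_hf_client code and does not reproduce this CVE's actual bug. All type and function names (client_cb_t, cb_alloc, cb_free, cb_lookup, dispatch_raw, dispatch_handle) are hypothetical. The "vulnerable" path caches a raw pointer to a control block across teardown and re-initialisation, so when the slot is reused the cached pointer reaches the new occupant's callback; the "hardened" path holds a generation-stamped handle that is re-resolved at the moment of use and refused once the block has been freed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative model only: a small pool of profile control blocks (cb).
 * Names are hypothetical and do not match the AOSP bta_hf_client code. */
#define CB_POOL_SIZE      4
#define CB_HANDLE_INVALID UINT32_MAX
#define CB_ERR_STALE      (-1)

typedef int (*cb_callback_t)(int event);
typedef uint32_t cb_handle_t;   /* slot index in low 8 bits, generation above */

typedef struct {
    uint32_t      gen;     /* bumped on every free; stale handles fail to match */
    bool          in_use;
    cb_callback_t cback;   /* callback registered by the block's owner */
    int           state;
} client_cb_t;

static client_cb_t g_cb_pool[CB_POOL_SIZE];

void cb_pool_init(void) { memset(g_cb_pool, 0, sizeof(g_cb_pool)); }

/* Re-initialise one slot the way a cb_init() would, preserving the generation. */
static void cb_slot_reset(client_cb_t *cb) {
    uint32_t gen = cb->gen;
    memset(cb, 0, sizeof(*cb));
    cb->gen = gen;
}

cb_handle_t cb_alloc(cb_callback_t cback) {
    for (uint32_t i = 0; i < CB_POOL_SIZE; i++) {
        client_cb_t *cb = &g_cb_pool[i];
        if (!cb->in_use) {
            cb_slot_reset(cb);
            cb->in_use = true;
            cb->cback  = cback;
            return (cb->gen << 8) | i;
        }
    }
    return CB_HANDLE_INVALID;
}

/* Hardened lookup: valid only while the slot is in use and the generation
 * still matches, so a handle held across free+reuse resolves to NULL. */
client_cb_t *cb_lookup(cb_handle_t h) {
    uint32_t idx = h & 0xffu;
    if (h == CB_HANDLE_INVALID || idx >= CB_POOL_SIZE) return NULL;
    client_cb_t *cb = &g_cb_pool[idx];
    if (!cb->in_use || cb->gen != (h >> 8)) return NULL;
    return cb;
}

/* Teardown: release the slot and invalidate every outstanding handle.
 * Raw pointers cached elsewhere are NOT invalidated; that is the UAF hazard. */
void cb_free(cb_handle_t h) {
    client_cb_t *cb = cb_lookup(h);
    if (!cb) return;
    cb->in_use = false;
    cb->gen++;
}

/* Vulnerable pattern: dispatch through a raw pointer the owner cached. */
int dispatch_raw(client_cb_t *cb, int event) {
    return cb->cback ? cb->cback(event) : CB_ERR_STALE;
}

/* Hardened pattern: re-resolve the handle at the moment of use. */
int dispatch_handle(cb_handle_t h, int event) {
    client_cb_t *cb = cb_lookup(h);
    if (!cb || !cb->cback) return CB_ERR_STALE;
    return cb->cback(event);
}

static int legit_handler(int event)    { return 100 + event; }
/* Stands in for attacker-influenced contents of the reused slot. */
static int hijacked_handler(int event) { return -1000 - event; }

/* Normal lifecycle: the owner dispatches through a live handle. */
int run_scenario_normal(void) {
    cb_pool_init();
    cb_handle_t h = cb_alloc(legit_handler);
    return dispatch_handle(h, 1);       /* 101 */
}

/* UAF lifecycle: raw pointer cached, cb torn down and re-initialised, slot
 * reused; the cached pointer now calls the new occupant's callback. */
int run_scenario_raw_pointer(void) {
    cb_pool_init();
    cb_handle_t h = cb_alloc(legit_handler);
    client_cb_t *stale = cb_lookup(h);  /* cached before teardown */
    cb_free(h);
    (void)cb_alloc(hijacked_handler);   /* same slot, same address */
    return dispatch_raw(stale, 1);      /* -1001: control flow hijacked */
}

/* Same lifecycle through the generation-checked handle: use is refused. */
int run_scenario_handle(void) {
    cb_pool_init();
    cb_handle_t h = cb_alloc(legit_handler);
    cb_free(h);
    (void)cb_alloc(hijacked_handler);
    return dispatch_handle(h, 1);       /* CB_ERR_STALE */
}

int main(void) {
    printf("normal=%d raw=%d handle=%d\n", run_scenario_normal(),
           run_scenario_raw_pointer(), run_scenario_handle());
    return 0;
}
```

The pool is deliberately static so the reuse is deterministic and the program is well defined; with a real heap allocator the same stale-pointer pattern is undefined behaviour and is what an attacker steers by controlling what lands in the freed slot. Generation-stamped handles are one mitigation; others are clearing every cached pointer during re-initialisation and, in the Bluetooth stack's case, keeping the build current with the Android security patch level that addresses this CVE.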

Exploits (3)

zhuowei/blueshrimp (tag: poc; labelled "working PoC" by nomisec; 49 stars)
https://github.com/zhuowei/blueshrimp

logesh-GIT001/CVE-2025-48593 (tag: poc; labelled "write-up" by nomisec; 7 stars)
https://github.com/logesh-GIT001/CVE-2025-48593

ranasen-rat/CVE-2025-48593 (tag: poc; labelled "write-up" by nomisec; 2 stars)
https://github.com/ranasen-rat/CVE-2025-48593

Scores

CVSS v3.1 base score: 8.0 (High)
CVSS vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack vector: Adjacent network (Bluetooth range)
EPSS: 0.0002 (0.02% predicted probability of exploitation activity), percentile 5.9%

Details

CWE
CWE-416
Status published
Products (4)
google/android 13.0
google/android 14.0
google/android 15.0
google/android 16.0
Published Nov 18, 2025
Tracked Since Feb 18, 2026