CVE-2025-48593

Published Nov 18, 2025

Last updated 4 months ago

CVSS high 8.0
Android System
Mobile device

Overview

Description
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Source: security@android.com
NVD status: Analyzed
Products: android

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8
Impact score: 5.9
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-416

Social media

Hype score
Not currently trending
  1. Top 5 Trending CVEs: 1 - CVE-2025-48593 2 - CVE-2025-55182 3 - CVE-2023-45866 4 - CVE-2026-21440 5 - CVE-2025-60188 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    12 Jan 2026

    42 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. #Android #VulnerabilityReport Android Zero-Click RCE (CVE-2025-48593) in System Component Requires Immediate Patch for Versions 13-16 https://t.co/TwB8gCsVVm

    @Komodosec

    10 Dec 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

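  3. A new Bluetooth vulnerability, CVE-2025-48593 (BlueShrimp), makes DoS possible on many devices, including smart cars and Wear OS. A PoC has been published, so leaving it unaddressed is dangerous. Updating the OS/firmware and turning Bluetooth off when not needed are strongly recommended. #BluetoothVuln #Blu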

    @01ra66it

    8 Dec 2025

    132 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. I wrote a blog post on CVE-2025-48593, an issue patched in Android's November Security Bulletin that only affected devices which act as Bluetooth headphones, such as smartwatches, smart glasses, and cars. I examined the patch and wrote a proof-of-concept: https://t.co/bBhoMUGXn6

    @zhuowei

    2 Dec 2025

    13107 Impressions

    30 Retweets

    138 Likes

    64 Bookmarks

    1 Reply

    0 Quotes

  5. CVE-2025-48593: a critical Bluetooth vulnerability affecting Android 13–16 https://t.co/40iwSwsIN0 The Android security blog announced, through a bulletin, the detection of a security vulnerability in Android. The CVE-2025-48593 vulnerability, a fa

    @laboratoriolinu

    23 Nov 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-48593 (CVSS:8.0, HIGH) is Analyzed. In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. Th..https://t.co/JwGs64cdmA #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    23 Nov 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 CRITICAL RCE in Google Android (13–16): CVE-2025-48593 enables remote takeover via Bluetooth Hands-Free Profile — no user action needed. Patch ASAP, disable Bluetooth HFP if possible! Details: https://t.co/FVxbAEH6kW... https://t.co/RkhnOFxsPl

    @offseq

    18 Nov 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-48593 In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no… https://t.co/aIMdLaG0AJ

    @CVEnew

    18 Nov 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-48593 is a critical vulnerability in the Android system that allows remote command execution (RCE) without any user interaction (Zero-Click). The problem stems from a flaw in the System component that leads to corruption in

    @hadrasec

    15 Nov 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. A critical vulnerability has been discovered in Android (CVE-2025-48593) that allows attackers to take complete control of the phone without the user doing anything. The attack can be triggered automatically by a packet sent to the system, without links, aplica

    @ArioN9871

    10 Nov 2025

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨 URGENT ANDROID SECURITY ALERT! 🚨 CVE-2025-48593 - Zero-Click Remote Code Execution vulnerability discovered! Impact:• Android 13-16 ALL versions affected • NO user interaction required• Spreads via Wi-Fi/Bluetooth/cellular • Single malicious packet = full device

    @liodWang

    10 Nov 2025

    125 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. Alert: CERT-In has flagged a critical zero-click vulnerability (CVE-2025-48593) in Android 13-16, enabling remote code execution without user interaction. This poses severe risks to data privacy and device integrity for millions of users in India. Google's November 2025 security

    @techbreifx

    8 Nov 2025

    67 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨 [CVE-2025-48593] Critical 0-click flaw enables remote code execution in Android🚨 ⚡ Google's November bulletin revealed serious security flaws in the Android system. ⚡ The bugs were in the System component and enabled remote execution

    @Sekurak

    7 Nov 2025

    8399 Impressions

    8 Retweets

    62 Likes

    17 Bookmarks

    2 Replies

    1 Quote

  14. ⚠️Vulnerabilities in Android products ❗CVE-2025-48593 ❗CVE-2025-48581 ➡️More info: https://t.co/z5IGIpfnbo https://t.co/hg7j1SkG1z

    @CERTpy

    6 Nov 2025

    111 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. 🔴 CVE-2025-48593 Android: Critical System RCE Hits 4 OS Versions Google's November bulletin patches a no-interaction RCE in Android System component across versions 13, 14, 15, and 16. What's nasty: insufficient input validation allows remote attackers to execute arbitrary

    @the_c_protocol

    5 Nov 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. 🚨 Critical 0-Click Android vulnerability in a system component allows remote code execution (RCE) attacks ⚠️ CVE-2025-48593 https://t.co/IZcqKOeyaF https://t.co/RaKvU7xzN1

    @elhackernet

    5 Nov 2025

    8455 Impressions

    35 Retweets

    118 Likes

    42 Bookmarks

    3 Replies

    0 Quotes

  17. 0-Click Android RCE (CVE-2025-48593) Exposes Enterprise Data. How to Protect Your Corporate Device Fleet Now Read the full report on - https://t.co/hH60Tc843E https://t.co/SUXiundgA0

    @cyberbivash

    4 Nov 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 🚨 CRITICAL ANDROID FLAW! Google patches a zero-click RCE vulnerability (CVE-2025-48593). No user interaction needed for exploitation. Affects Android 13, 14, 15 & 16. Update your devices NOW! #Android #CyberSecurity #PatchNow 🔗 https://t.co/67ZeOKApXj

    @NetSecIO

    4 Nov 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. 💡 Android 0-Click Vulnerability: CVE-2025-48593 CVE-2025-48593 is the worst nightmare of mobile security: zero-click in Android's System component. https://t.co/hNwhs1QING #android #sicurezza https://t.co/JLWaIgXqXO

    @grazymen

    4 Nov 2025

    89 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  20. Android 0-Click Vulnerability: CVE-2025-48593 https://t.co/POCshjobiO #android #sicurezza https://t.co/jZHOv6LEJP

    @Imbucatura72

    4 Nov 2025

    61 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  21. A critical 0-click vulnerability (CVE-2025-48593) affecting #Android 13 to 16 and allowing remote code execution without user interaction has been fixed. https://t.co/ih6iKpwmgc

    @cert_ist

    4 Nov 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

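  22. Critical zero-click vulnerability in Android (AOSP). CVE-2025-48593 is a remote code execution in the System component. It may be exploited via a crafted network packet or a malicious app. To prevent exploitation, details are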

    @__kokumoto

    4 Nov 2025

    2813 Impressions

    1 Retweet

    4 Likes

    2 Bookmarks

    0 Replies

    1 Quote

  23. 0-Click Android RCE (CVE-2025-48593) Exposes Enterprise Data – How to Protect Your Corporate Device Fleet Now Read the full report on - https://t.co/FpFvKeTCX9 https://t.co/PjrXbC3Gmx

    @cyberbivash

    4 Nov 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. **🚨 Critical Android RCE Alert!** CVE-2025-48593: Zero-click remote code execution in Android 13–16. No user interaction needed. Patch **NOW** via November 2025 security update! 🔗 https://t.co/divAmjV0b3 #AndroidSecurity #0day https://t.co/jiIyGqqdqb

    @B1ackash

    4 Nov 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. A critical Zero-Click vulnerability in the @Android system, according to a security warning issued by @Google. The vulnerability CVE-2025-48593 allows attackers to take full control of devices remotely. The security update addressed

    @cyberscastx

    4 Nov 2025

    513 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

Configurations