PT-2019-16307 · Google · Android

Published: 2019-12-06 · Updated: 2019-12-09 · CVE-2019-2225

CVSS v3.1: 8.8 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Android versions 8.0 through 10

Description: A potential issue exists when pairing with a Bluetooth device, allowing a malicious device to pair without user confirmation. This paired device may interact with the phone, potentially leading to remote escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations: For Android versions 8.0 through 10, consider disabling Bluetooth pairing until a fix is available to prevent potential exploitation. Restrict access to sensitive phone features to minimize the risk of privilege escalation.

Fix

Improper Privilege Management


Weakness Enumeration

Related Identifiers: CVE-2019-2225

Affected Products: Android