PT-2015-3163 · Google · Android

Published

2015-12-08

Updated

2015-12-09

CVE-2015-6618

CVSS v2.0

4.3

Medium

Vector

AV:A/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Android versions 4.4 through 5.1.1 LMY48Z Android version 5.x before 5.1.1 LMY48Z can be simplified to the above range

Description The issue is related to errors in the security settings of the Bluetooth component in the Android operating system. Exploitation of this issue may allow an attacker to execute arbitrary code by gaining access to the local physical environment.

Recommendations For Android versions 4.4 through 5.1.1 LMY48Z, update to a version after 5.1.1 LMY48Z to resolve the issue. As a temporary workaround, consider restricting access to the Bluetooth component until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-254

Related Identifiers

BDU:2016-00514

CVE-2015-6618

Affected Products

Android

PT-2015-3163 · Google · Android

CVE-2015-6618

Weakness Enumeration

Related Identifiers

Affected Products

References · 3