What is CVE-2025-36911?

CVE-2025-36911 is a high-severity vulnerability in Google Android that allows for remote information disclosure. Organizations should prioritize patching to mitigate risks related to user conversations and location exposure.

What is the severity of CVE-2025-36911?

CVE-2025-36911 has a severity rating of HIGH with a CVSS base score of 7.1.

CVE-2025-36911 | High Vulnerability in Google Android

CVE-2025-36911 is a high-severity vulnerability affecting Google Android, classified with a CVSS score of 7.1. This vulnerability allows for remote (proximal/adjacent) information disclosure of user conversations and location due to a logic error in key-based pairing. Importantly, no additional execution privileges are needed for exploitation, and user interaction is not required.

The presence of this vulnerability poses significant risks to organizations, especially considering the sensitivity of the data potentially exposed. Attackers may leverage this flaw to gain unauthorized access to confidential conversations and location data.

Currently, the vulnerability is known to have a confirmed exploit, which emphasizes the urgency for defenders. Organizations using affected versions of Android should prioritize patching to mitigate the associated risks.

Organizations should address this vulnerability in their priority patch cycle, as the potential for exploitation could lead to serious consequences.

Vulnerability Details

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation.

The vulnerability is classified as high severity with a CVSS 3.1 score of 7.1. It falls under the CWE classification, which indicates a critical flaw that organizations must address. The vulnerability affects all versions of Android prior to the vendor patch.

Technical Analysis

The root cause of CVE-2025-36911 is a logic error in the key-based pairing implementation. This error allows attackers to exploit the adjacent network access vector, which requires low attack complexity. Notably, this vulnerability requires no privileges and does not need user interaction for successful exploitation.

The attack vector being adjacent network means that the attacker must be in close proximity to the victim's device. The impact on confidentiality is high, as sensitive user data is at risk of exposure. The integrity impact is low, and there is no availability impact.

Risk & Impact Analysis

Risk to organizations includes significant potential exposure of sensitive user information such as conversations and location. The blast radius of this vulnerability is considerable, affecting millions of Bluetooth audio devices globally. Organizations must understand that the exploitation of this vulnerability can lead to unauthorized access to critical data.

Given the CVSS score of 7.1, organizations should assess the urgency based on their deployment of affected products. The high exploitability score indicates that this vulnerability should be treated with high priority in the patch management lifecycle.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of Android prior to the vendor patch are affected by this vulnerability. Organizations must ensure they are running an updated version of the Android OS to mitigate risks.

Mitigation & Remediation

Organizations should prioritize patching this vulnerability immediately. The latest vendor patch should be applied to all affected devices running Android. In cases where patching is not feasible, consider implementing additional network controls to limit access to vulnerable devices and monitor for unusual behavior.

For further guidance, organizations can refer to the penetration testing services to assess vulnerabilities in their systems.

Detection Guidance

To detect possible exploitation attempts of this vulnerability, organizations should monitor logs for unusual Bluetooth pairing activities, especially from unrecognized devices. Behavioral anomalies in the function of paired devices and network signatures indicating unauthorized access attempts should also be analyzed.

AppSecure Threat Intelligence Insight

CVE-2025-36911 highlights a critical need for organizations to enhance their Bluetooth security measures. This vulnerability exemplifies the risks associated with adjacent network vulnerabilities and the potential for unauthorized access to sensitive user data.

Organizations should remain vigilant and incorporate robust security practices, such as regular security assessments and employee training on the risks of Bluetooth technology. For additional insights into securing cloud environments, organizations can refer to the cloud security assessment guide and the penetration testing methodology for comprehensive security strategies.

The long-term significance of CVE-2025-36911 serves as a reminder for security teams to stay updated on vulnerabilities and adapt their security practices accordingly.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-36911: High Vulnerability in Google Android