{"uuid": "06116b2d-1fbc-4e88-982d-7c18155b7857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0074", "type": "seen", "source": "https://t.me/SpiderCodeCommunity1/31", "content": "As We Explained iOS, Now It's Android's Turn!\n\n\u26a0\ufe0f Two Warnings:\n\n1. The channel is not responsible for any misuse of this information.\n\n\n2. All content is copyrighted. Contact us for permissions.\n\n\n\n\n---\n\n\ud83d\udccc Today\u2019s Topic: A Unique CVE!\n\nA recently discovered zero-day vulnerability:\n\nCVE-2025-0074\n\n\ud83d\udcc5 Date of Discovery: December 13, 2024\n\ud83d\udcc5 Security Patch Released: March 3, 2025 \ud83d\udc80\n\n\n---\n\n\ud83d\udd25 What Does This CVE Do?\n\nThis vulnerability exploits Bluetooth in a completely silent way\u2014\n\ud83d\udeab No user permission required\n\ud83d\udeab No additional software needed\n\ud83d\udeab No special privileges required\n\n\ud83e\udd2f So, someone can exploit this CVE on my device without me knowing?\n\n\u2714 Yes! And it allows Remote Code Execution (RCE). \ud83d\ude01\n\n\n---\n\n\ud83d\udee0\ufe0f How It Works\n\nThe attack is based on a Use-After-Free (UAF) vulnerability,\nwhich allows an attacker to inject and execute malicious code (malware) on the victim\u2019s device without their knowledge.\n\n\ud83d\udea8 Severity Level: Critical\n\n\n---\n\n\ud83d\udcf1 Affected Devices\n\nBad news: \ud83d\ude22\n\nAffects Android 11, 12, 13, and 14.\n\n\nGood news: \ud83d\ude03\n\nDoes NOT affect Android 9 and lower.\n\n\n\n---\n\n\u2705 How to Protect Yourself?\n\n1\ufe0f\u20e3 Update to the latest security patch \u2705\n2\ufe0f\u20e3 Use a trusted antivirus \u2705\n3\ufe0f\u20e3 Keep Bluetooth disabled when not in use \u2705\n\n\n---\n\n\ud83d\udca1 Thanks for your support! Your engagement helps me improve the content every day. Stay safe! \ud83e\udd0d\n\n\nSource :\n\nhttps://www.cve.org/CVERecord?id=CVE-2025-0074\n\nhttps://vulert.com/vuln-db/CVE-2025-0074\n\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0074\n\n\nhttps://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20250304", "creation_timestamp": "2025-03-18T07:35:59.000000Z"}