CVE-2025-20908 — Samsung Android vulnerability
3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 78.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 6
Description
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
2CVEList▶
CVE-2025-20908: Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting↗2025-03-06
GHSA▶
GHSA-gqfc-m35p-wwj8: Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting↗2025-03-06