CVE-2015-6618

EUVD-2015-6556
Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to execute arbitrary code by leveraging access to the local physical environment, aka internal bug 24595992.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
ADJACENT_NETWORK
HIGH
AV:A/AC:H/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
googleandroid
4.4
googleandroid
5.0
googleandroid
5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://source.android.com/security/bulletin/2015-12-01.html
http://source.android.com/security/bulletin/2015-12-01.html