Information EUVD-2025-18866

| CVE-2025-27387 HIGH
Information Exposure (CWE-200)
2025-06-23 [email protected]
Information Disclosure
7.4
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 15, 2026 - 22:10 vuln.today
EUVD ID Assigned
Mar 15, 2026 - 22:10 euvd
EUVD-2025-18866
CVE Published
Jun 23, 2025 - 10:15 nvd
HIGH 7.4

DescriptionNVD

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure.

AnalysisAI

OPPO Clone Phone devices implement a WiFi hotspot file transfer feature that uses weak default or easily guessable passwords, allowing unauthenticated attackers on the local network to connect and access sensitive files without authentication. This vulnerability (CVE-2025-27387) carries a CVSS score of 7.4 with high confidentiality impact, though exploitation requires physical proximity to the affected device's WiFi network. No active exploitation in the wild has been confirmed in public KEV databases, but the attack surface is significant given the prevalence of file-sharing features in budget smartphone lines.

Technical ContextAI

The vulnerability stems from CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), specifically in how OPPO Clone Phone models implement wireless hotspot-based file transfer protocols. The affected devices likely use standard WiFi Direct or Miracast protocols with inadequate credential management, defaulting to weak passwords such as '12345678', device serial numbers, or MAC address fragments rather than enforcing strong, randomly generated credentials. The hotspot file transfer service likely runs as a system daemon with broad file system access, allowing any authenticated peer on the local network to enumerate and retrieve files without additional authorization checks. CPE data for OPPO Clone Phone devices would typically follow pattern: cpe:2.3:o:oppo:clone_phone_firmware:*:*:*:*:*:*:*:*, though 'Clone Phone' may indicate lesser-documented OPPO variants sold in specific markets or lower-tier product lines where security hardening is minimal.

RemediationAI

Specific patch versions have not been disclosed in available public references. Recommended remediation steps: (1) Check OPPO's official security advisory portal and your device's Settings > About > Software Update for available firmware patches addressing WiFi hotspot credential strengthening, (2) Immediate mitigation: Disable the WiFi hotspot file transfer feature if not actively needed (Settings > Wireless > Hotspot File Transfer), (3) If the feature must remain enabled, configure a strong, randomly generated WiFi hotspot password (minimum 16 characters with mixed case, numbers, and symbols) rather than relying on defaults, (4) Restrict hotspot visibility to 'not broadcast' if the device supports this, reducing discoverability, (5) Monitor connected devices regularly and disconnect unknown peers, (6) Apply general network hygiene: keep devices on the latest available firmware and avoid connecting to untrusted local networks. Contact OPPO support directly for patch availability for your specific Clone Phone model.

Share

EUVD-2025-18866 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy