CVE-2025-25370

MEDIUM EPSS 9.3%

Published May 14, 20251y ago · Modified Jun 17, 20261w ago

4.6 CVSS 3.1

Medium

Published May 14, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

Description

An issue in realme GT 2 (RMX3311) running Android 14 with realme UI 5.0 allows a physically proximate attacker to obtain sensitive information via the show app only setting function.

CVSS Details

Base Score

4.6

Exploitability

0.9

Impact

3.6

Vector string

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector Physical

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity None

Availability None

Threat Intelligence

EPSS Exploit Probability

9.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

References 2

realme.com http://realme.com
gist.github.com https://gist.github.com/krl5/4eeed04a065287489c2e606e6d48c1bc

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.