CVE-2025-27389

Application Installation Source Verification Flaw May Lead to Risk Detection Bypass

Description

A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning.

INFO

Published Date :

2025-12-05T03:19:49.490Z

Last Modified :

2025-12-05T16:20:31.736Z

Source :

OPPO

AFFECTED PRODUCTS

The following products are affected by CVE-2025-27389 vulnerability.

Vendors	Products
Oppo	Coloros

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-27389.

URL	Resource
https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1996493715665068032

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability