btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag.
[
{
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "before 5.1"
}
]
}
]