CVE-2020-14292

In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:health:covidsafe:*:*:*:*:*:android:*:*

Information

Published : 2020-09-09 10:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-14292

Mitre link : CVE-2020-14292


JSON object : View

Advertisement

dedicated server usa

Products Affected

health

  • covidsafe