In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone.
References
Link | Resource |
---|---|
https://covidsafe.watch/issue-register/ | Vendor Advisory |
https://github.com/AU-COVIDSafe/mobile-android/blob/b827cf3ccef72a3d38c6fc37466a99868823540f/app/src/main/java/au/gov/health/covidsafe/streetpass/Work.kt#L35-L41 | Exploit Third Party Advisory |
https://www.health.gov.au/resources/apps-and-tools/covidsafe-app | Product Third Party Advisory |
https://github.com/alwentiu/CVE-2020-14292 | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-09-09 10:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-14292
Mitre link : CVE-2020-14292
JSON object : View
CWE
Products Affected
health
- covidsafe