CVE-2020-24722
The CVE-2020-24722 issue affects GAEN (Google/Apple Exposure Notifications) protocol used by COVID-19 apps on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack, which can lead to metadata deanonymization and risk...