9 matches found
CVE-2020-12717
The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...
OpenTrace has an unspecified vulnerability
OpenTrace is an implementation of the BlueTrace Epidemiology Contact Tracking Privacy Protection Protocol. A security vulnerability exists in OpenTrace used in COVIDSafe 1.0.17 and earlier versions, TraceTogether and ABTraceTogether and other apps iOS and Android, which can be exploited by a remo...
CVE-2020-12856
OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used...
CVE-2020-12856
OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used...
CVE-2020-12856
OpenTrace (used in COVIDSafe up to v1.0.17) and similar apps on iOS/Android expose a vulnerability where Bluetooth usage enables long-term user re-identification by remote attackers, per CVE-2020-12856. Red‑hat and other sources mirror this description. The Android security bulletin lists CVE-202...
CVE-2020-12717
The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...
CVE-2020-12717
The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...
Code injection
The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...
CVE-2020-12717
The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...