← Back to CVE List

CVE-2020-14292

Published: 2020-09-09T17:15Z
Last Modified: 2024-11-21T05:02Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt