Description
In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone.
Exploits (1)
References (4)
Core 4
Core References
Product, Third Party Advisory x_refsource_misc
https://www.health.gov.au/resources/apps-and-tools/covidsafe-app
Vendor Advisory x_refsource_misc
https://covidsafe.watch/issue-register/
Exploit, Third Party Advisory x_refsource_misc
https://github.com/AU-COVIDSafe/mobile-android/blob/b827cf3ccef72a3d38c6fc37466a99868823540f/app/src/main/java/au/gov/health/covidsafe/streetpass/Work.kt#L35-L41
Exploit, Third Party Advisory x_refsource_misc
https://github.com/alwentiu/CVE-2020-14292
Scores
CVSS v3
5.7
EPSS
0.0026
EPSS Percentile
49.2%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Details
Status
published
Products (1)
health/covidsafe
< 1.0.21
Published
Sep 09, 2020
Tracked Since
Feb 18, 2026