CVE-2020-14292

MEDIUM

COVIDSafe <1.0.21 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-14292. PoCs published by alwentiu.

AI-analyzed exploit summary CVE-2020-14292 describes a Bluetooth transport issue in the COVIDSafe app where the use of TRANSPORT_AUTO defaults to BR/EDR, revealing the public Bluetooth address of the victim's phone. The vulnerability arises from unsafe GATT connection handling in the app.

Description

In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone.

Exploits (1)

nomisec WRITEUP
by alwentiu · poc
https://github.com/alwentiu/CVE-2020-14292

CVE-2020-14292 describes a Bluetooth transport issue in the COVIDSafe app where the use of TRANSPORT_AUTO defaults to BR/EDR, revealing the public Bluetooth address of the victim's phone. The vulnerability arises from unsafe GATT connection handling in the app.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: COVIDSafe App for Android (versions up to 1.0.21)
No auth needed
Prerequisites: Dual mode Bluetooth device (BR/EDR + LE) · Attacker must advertise a GATT server using a public address
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Scores

CVSS v3 5.7
EPSS 0.0131
EPSS Percentile 67.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

Status published
Products (1)
health/covidsafe < 1.0.21
Published Sep 09, 2020
Tracked Since Feb 18, 2026