CVE-2020-12856

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/05/2020
Last modified:
20/05/2020

Description

OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:alberta:abtracetogether:-:*:*:*:*:android:*:*
cpe:2.3:a:alberta:abtracetogether:-:*:*:*:*:iphone_os:*:*
cpe:2.3:a:health:covidsafe:*:*:*:*:*:android:*:* 1.0.17 (including)
cpe:2.3:a:health:covidsafe:-:*:*:*:*:iphone_os:*:*
cpe:2.3:a:tracetogether:tracetogether:-:*:*:*:*:android:*:*
cpe:2.3:a:tracetogether:tracetogether:-:*:*:*:*:iphone_os:*:*