The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. The ABTraceTogether (Alberta), ProteGO (Poland), and TraceTogether (Singapore) apps were also affected.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:00
Type | Values Removed | Values Added |
---|---|---|
References | () https://medium.com/%40wabz/covidsafe-ios-vulnerability-cve-2020-12717-30dc003f9708 - |
07 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-05-14 05:15
Updated : 2024-11-21 05:00
NVD link : CVE-2020-12717
Mitre link : CVE-2020-12717
CVE.ORG link : CVE-2020-12717
JSON object : View
Products Affected
tracetogether
- tracetogether
gov
- protego_safe
alberta
- abtracetogether
health
- covidsafe
CWE