CVE-2020-14292 - Incorrect Authorization vulnerability in Health Covidsafe

CVSS 2.9 - LOW

Attack vector: ADJACENT_NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: NONE
Availability impact: NONE

Summary

In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone.

Common Weakness Enumeration (CWE)