Bluetooth-based Re-Identification Vulnerability in COVID-19 Contact Tracing Apps
CVE-2020-12856 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used.
Learn more about our Cis Benchmark Audit For Apple Ios.