CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-12858

Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their advertising beacons.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://docs.google.com/document/d/1u5a5ersKBH6eG362atALrzuXo3zuZ70qrGomWVEC27U/edit?usp=sharing
https://www.health.gov.au/resources/apps-and-tools/covidsafe-app
https://docs.google.com/document/d/1u5a5ersKBH6eG362atALrzuXo3zuZ70qrGomWVEC27U/edit?usp=sharing
https://www.health.gov.au/resources/apps-and-tools/covidsafe-app

Products affected by CVE-2020-12858

Health » Covidsafe » Version: N/A

cpe:2.3:a:health:covidsafe:-
Health » Covidsafe » Version: 1.0.11

cpe:2.3:a:health:covidsafe:1.0.11
Health » Covidsafe » Version: 1.0.16

cpe:2.3:a:health:covidsafe:1.0.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12858

Products

Pricing

Contact Us