RSS   Vulnerabilities for 'Bluezone'   RSS

2020-04-27
 
CVE-2020-12270

CWE-330
 

 
** DISPUTED ** React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might make it easier for remote attackers to interfere with COVID-19 contact tracing by using many IDs. NOTE: the vendor disputes the relevance of this report because the recipient of an F1 alert will know it was a false alert if this recipient is not actually part of the contact history obtained from the device of an F0.

 


Copyright 2024, cxsecurity.com

 

Back to Top