RedPacket Security

InfoSec News & Tutorials

Vulnerabilities 

CVE-2020-24722: GAEN Protocol Metadata Deanonymization and Risk-score Inflation Issues

admin , , , , , , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Stefan Marsiske via Fulldisclosure on Oct 06

GAEN Protocol Metadata Deanonymization and Risk-score Inflation Issues (CVE-2020-24722)

Summary

The TX Power value in the metadata in the beacon of the GAEN protocol
used by the corona/contact tracing app allows for attackers to
influence risk-score calculations in their favor, the same metadata
can also be used to deanonymize diagnosed users based on the type of
phone they are using.

Intro: GAEN Metadata in a nutshell

The beacon sent out by…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source

You May Also Like

CVE prog

CVE-2021-28348

admin
pexels worldspectrum 844124

Supply Chain Attacks Using Container Images

admin
1582006359

Apple Becomes the First Major US Company to Say that the ‘Corona’ Epidemic Will Hit Its Finances

admin
Available for Amazon Prime