CVE-2020-13702 - OpenCVE

The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
The Rolling Proximity Identifier Project	The Rolling Proximity Identifier

Configuration 1 [-]

cpe:2.3:a:the_rolling_proximity_identifier_project:the_rolling_proximity_identifier:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://blog.google/documents/70/Exposure_Notification_-_Bluetooth_Specification_v1.2.2.pdf
https://github.com/google/exposure-notifications-internals/commit/8f751a666697
https://github.com/google/exposure-notifications-internals/commit/8f751a666697c3cae0a56ae3464c2c6cbe31b69e
https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200611.pdf
https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616-2.pdf
https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-11T18:16:01

Updated: 2024-08-04T12:25:16.528Z

Reserved: 2020-05-30T00:00:00

Link: CVE-2020-13702

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-06-11T19:15:10.073

Modified: 2021-03-12T12:58:55.347

Link: CVE-2020-13702

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:N/PR:N/S:U/UI:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-03-01T17:12:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200611.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.google/documents/70/Exposure_Notification_-_Bluetooth_Specification_v1.2.2.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616-2.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697c3cae0a56ae3464c2c6cbe31b69e"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13702", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:N/PR:N/S:U/UI:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200611.pdf", "refsource": "MISC", "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200611.pdf"}, {"name": "https://blog.google/documents/70/Exposure_Notification_-_Bluetooth_Specification_v1.2.2.pdf", "refsource": "MISC", "url": "https://blog.google/documents/70/Exposure_Notification_-_Bluetooth_Specification_v1.2.2.pdf"}, {"name": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616.pdf", "refsource": "MISC", "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616.pdf"}, {"name": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616-2.pdf", "refsource": "MISC", "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616-2.pdf"}, {"name": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697c3cae0a56ae3464c2c6cbe31b69e", "refsource": "MISC", "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697c3cae0a56ae3464c2c6cbe31b69e"}, {"name": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697", "refsource": "MISC", "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:25:16.528Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200611.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.google/documents/70/Exposure_Notification_-_Bluetooth_Specification_v1.2.2.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616-2.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697c3cae0a56ae3464c2c6cbe31b69e"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13702", "datePublished": "2020-06-11T18:16:01", "dateReserved": "2020-05-30T00:00:00", "dateUpdated": "2024-08-04T12:25:16.528Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:the_rolling_proximity_identifier_project:the_rolling_proximity_identifier:*:*:*:*:*:*:*:*", "matchCriteriaId": "476BD5D6-9B40-40C9-B914-A2DB84E073CE", "versionEndIncluding": "2020-05-29", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism."}, {"lang": "es", "value": "El Rolling Proximity Identifier usado en la API Exposure Notification de Apple/Google versi\u00f3n beta hasta 29-05-2020, permite a atacantes omitir Bluetooth Smart Privacy porque existe un UID temporal secundario. Un atacante con acceso a redes Beacon o IoT puede rastrear sin problemas el movimiento de dispositivos individuales por medio de un mecanismo de detecci\u00f3n Bluetooth LE"}], "id": "CVE-2020-13702", "lastModified": "2021-03-12T12:58:55.347", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2020-06-11T19:15:10.073", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://blog.google/documents/70/Exposure_Notification_-_Bluetooth_Specification_v1.2.2.pdf"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/exposure-notifications-internals/commit/8f751a666697c3cae0a56ae3464c2c6cbe31b69e"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200611.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616-2.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://github.com/normanluhrmann/infosec/raw/master/exposure-notification-vulnerability-20200616.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}