GAEN Protocol Metadata Deanonymization and Risk-score Inflation Issues (CVE-2020-24722)
The TX Power value in the metadata in the beacon of the GAEN protocol used by the corona/contact tracing app allows for attackers to influence risk-score calculations in their favor, the same metadata can also be used to deanonymize diagnosed users based on the type of phone they are using.
>> Continue reading <<