CVE-2021-31815 is a vulnerability in Googleapple Exposure Notifications

GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to the Android system log, and many Android devices have applications (preinstalled by the hardware manufacturer or network operator) that read system log data and send it to third parties. NOTE: a news outlet (The Markup) states that they received a vendor response indicating that fix deployment "began several weeks ago and will be complete in the coming days."

Products Associated with CVE-2021-31815

Want to know whenever a new CVE is published for Googleapple Exposure Notifications? stack.watch will email you.

Exploit Probability

EPSS

0.01%

Percentile

2.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-31815 is a vulnerability in Googleapple Exposure NotificationsPublished on April 28, 2021

Products Associated with CVE-2021-31815

Exploit Probability

CVE-2021-31815 is a vulnerability in Googleapple Exposure Notifications
Published on April 28, 2021