← back
CVE-2021-33838

CVE-2021-33838

EPSS 2.8%
Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because requests related to Check-In State occur shortly after requests for Phone Number Registration.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/mame82/misc/blob/master/luca_traceIds.mdhttps://luca-app.de/securityoverview/properties/objectives.htmlhttps://www.ccc.de/de/updates/2021/luca-app-ccc-fordert-bundesnotbremsehttps://www.youtube.com/playlist?list=PLKuX6iczGb3kuDsm2RFgbmRkTugkR9-UE