Dave
Well-Known Member
About 50% of Android phones are vulnerable to BlueFrag which potentially can steal personal data over the same proximity conditions as proposed for trackers. Affected phones are on Android 8 or 9 with security patch level older than Feb 2020. Android 10 is partially vulnerable, its Bluetooth can crash but there is no data exploitation.
If you're on 8 or 9 and don't have the Feb 2020 security update it's probably wise to keep Bluetooth off when not in use.
If you're on 8 or 9 and don't have the Feb 2020 security update it's probably wise to keep Bluetooth off when not in use.
CVE - CVE-2020-0022
cve.mitre.org
Android Security Bulletin—February 2020 | Android Open Source Project
source.android.com