Healthcare

Ken Gannon
21 Apr 2022

Faking Another Positive COVID Test

A vulnerability was discovered in the Cue Health Home COVID-19 Test that allows manipulation of Bluetooth-transmitted test results. By exploiting weaknesses in the device's Protobuf communication protocol, test results could be changed from negative to positive. A Frida script was developed to intercept and modify Bluetooth packets, successfully altering the test outcome.

Ken Gannon
21 Dec 2021

Faking A Positive COVID Test

A vulnerability was discovered in the Ellume COVID-19 Home Test that allows falsifying test results. By manipulating Bluetooth traffic, it was possible to change a negative test to a positive result. The attack involved modifying specific byte values in the device's communication protocol and recalculating checksums, ultimately obtaining a verified COVID test certificate from Azova.