PT-2024-32420 · Gotenna · Gotenna Pro X+3

Clayton Smith

Published

2024-09-26

Updated

2024-10-17

CVE-2024-47125

CVSS v3.1

8.1

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions goTenna Pro App (affected versions not specified) goTenna Pro X (affected versions not specified) goTenna Pro X2 (affected versions not specified) goTenna Pro series (affected versions not specified)

Description The issue allows an unauthenticated attacker to manipulate messages due to the lack of public key authentication. This can lead to message interception and manipulation. It is recommended to update the app to the current release for enhanced encryption protocols.

Recommendations For goTenna Pro App, update to the current release for enhanced encryption protocols. For goTenna Pro X, update to the current release for enhanced encryption protocols. For goTenna Pro X2, update to the current release for enhanced encryption protocols. For goTenna Pro series, update to the current release for enhanced encryption protocols.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-923CWE-287

Related Identifiers

CVE-2024-47125

Affected Products

Gotenna Pro App

Gotenna Pro X

Gotenna Pro X2

Gotenna Pro Series

PT-2024-32420 · Gotenna · Gotenna Pro X+3

CVE-2024-47125

Weakness Enumeration

Related Identifiers

Affected Products

References · 8