CVE-2024-47128

Name of the Vulnerable Software and Affected Versions goTenna Pro App (affected versions not specified) goTenna Pro X (affected versions not specified) goTenna Pro X2 (affected versions not specified)

Description The goTenna Pro App encryption key name is sent unencrypted when shared over RF through a broadcast message, potentially revealing the location of operation. It is recommended to share the encryption key via local QR for higher security operations.

Recommendations For goTenna Pro App, consider sharing the encryption key via local QR instead of over RF through a broadcast message to minimize the risk of exploitation. For goTenna Pro X, consider sharing the encryption key via local QR instead of over RF through a broadcast message to minimize the risk of exploitation. For goTenna Pro X2, consider sharing the encryption key via local QR instead of over RF through a broadcast message to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.