CVE-2025-32882

Name of the Vulnerable Software and Affected Versions goTenna v1 with application 5.5.3 and firmware 0.25.5

Description The issue concerns the use of a custom encryption implementation in the application without additional integrity checking mechanisms. This makes messages vulnerable to an attacker who can access them, allowing the messages to be modified.

Recommendations For goTenna v1 devices with application 5.5.3 and firmware 0.25.5, consider disabling the custom encryption implementation until a secure alternative with integrity checking mechanisms is available. Restrict access to sensitive messages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.