CVE-2025-32885

Name of the Vulnerable Software and Affected Versions goTenna v1 devices with app 5.5.3 and firmware 0.25.5

Description A problem was detected in goTenna v1 devices that allows the injection of custom messages into existing networks with any GID and Callsign via a software-defined radio. This issue can be exploited if the device is used in an unencrypted environment or if the cryptography has already been compromised.

Recommendations For goTenna v1 devices with app 5.5.3 and firmware 0.25.5, consider using the device in an encrypted environment to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.