CVE-2025-32889

Name of the Vulnerable Software and Affected Versions goTenna v1 devices with app version 5.5.3 and firmware version 0.25.5

Description An issue was discovered where the verification token used for sending SMS through a goTenna server is hardcoded in the app. This affects the ability to securely send SMS messages.

Recommendations For goTenna v1 devices with app version 5.5.3 and firmware version 0.25.5, consider restricting access to the SMS sending functionality until a patch is available that removes the hardcoded verification token. As a temporary workaround, avoid using the affected app version to send SMS messages through a goTenna server. At the moment, there is no information about a newer version that contains a fix for this vulnerability.