Multiple vulnerabilities in goTenna Pro App
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2024-47121 CVE-2024-47122 CVE-2024-47123 CVE-2024-47124 CVE-2024-47125 CVE-2024-47126 CVE-2024-47129 CVE-2024-47130 CVE-2024-47128 CVE-2024-47127 |
| CWE-ID | CWE-521 CWE-922 CWE-353 CWE-319 CWE-923 CWE-338 CWE-204 CWE-306 CWE-201 CWE-287 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
goTenna Pro App for Android Mobile applications / Apps for mobile phones goTenna Pro App for iOS Mobile applications / Apps for mobile phones |
| Vendor | goTenna |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) Weak password requirements
EUVDB-ID: #VU97769
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47121
CWE-ID:
CWE-521 - Weak Password Requirements
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to weak password requirements for the QR broadcast message. A remote attacker on the local network can decrypt the QR broadcast message and use it to decrypt all future and past messages sent via encrypted broadcast.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for Android: 1.6.1
goTenna Pro App for iOS: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insecure Storage of Sensitive Information
EUVDB-ID: #VU97770
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47122
CWE-ID:
CWE-922 - Insecure Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to the encryption keys are stored along with a static IV on the device. An attacker with physical access can decrypt all encrypted communications that include P2P, Group, and broadcast messages that use these keys.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Missing support for integrity check
EUVDB-ID: #VU97771
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47123
CWE-ID:
CWE-353 - Missing Support for Integrity Check
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected application uses AES CTR mode for short, encrypted messages without any additional integrity checking mechanisms. A remote attacker on the local network can access the messages and cause them to be malleable.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cleartext transmission of sensitive information
EUVDB-ID: #VU97772
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47124
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to the affected pplication does not encrypt the callsigns of its users. A remote attacker with ability to intercept network traffic can reveal information about the users.
MitigationInstall update from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper restriction of communication channel to intended endpoints
EUVDB-ID: #VU97773
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-47125
CWE-ID:
CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected application does not authenticate public keys. A remote attacker on the local network can intercept and manipulate messages.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
EUVDB-ID: #VU97774
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47126
CWE-ID:
CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected application does not use SecureRandom when generating its cryptographic keys. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Observable Response Discrepancy
EUVDB-ID: #VU97775
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47129
CWE-ID:
CWE-204 - Observable Response Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the observable response discrepancy issue. A remote attacker on the local network can tell the length of the payload regardless of the encryption used.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Missing Authentication for Critical Function
EUVDB-ID: #VU97787
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-47130
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to missing authentication for critical function. A remote attacker on the local network can update the local public keys used for P2P and Group messages.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Insertion of Sensitive Information Into Sent Data
EUVDB-ID: #VU97816
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47128
CWE-ID:
CWE-201 - Insertion of Sensitive Information Into Sent Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the broadcast key name is always sent unencrypted and can reveal the location of operation. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper Authentication
EUVDB-ID: #VU97834
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47127
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to a weak authentication mechanism. A remote attacker on the local network can inject any custom message with any GID and Callsign using a software defined radio in existing gotenna mesh networks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsgoTenna Pro App for iOS: 1.6.1
goTenna Pro App for Android: 1.6.1
CPE2.3- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_ios:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:*:*:*:*:*:*:*:*
- cpe:2.3:a:gotenna:gotenna_pro_app_for_android:1.6.1:*:*:*:*:*:*:*
http://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to perform certain actions on the device.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
