Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-47129

The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages. This makes it possible to tell the length of the payload regardless of the encryption used.

Published

2024-09-26T18:15:09.913

Last Modified

2024-10-17T18:15:06.930

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-204
Type: Primary
CWE-203

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	gotenna	gotenna_pro	≤ 1.6.1	Yes
Application	gotenna	gotenna_pro	< 2.0.3	Yes

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 Third Party Advisory, US Government Resource ([email protected])