CVE-2025-32890

Medium CVSS: 5.3

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message.

Vendor

Gotenna

Product

Mesh Firmware

CWE

CWE-353

Yayın Tarihi

2025-05-01 18:15:56

Güncelleme

2025-06-20 16:28:33

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-353 Mesh Firmware MEDIUM Gotenna 2025

Referanslar

https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities https://gotenna.com

Benzer Kayıtlar

High

CVE-2025-32889

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sendin…

High

CVE-2025-32888

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for send…

Medium

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation o…

Medium

CVE-2025-32884

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phon…

Medium

CVE-2025-32885

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inj…

Medium

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent…