- Description
- An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-923
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gotenna:mesh_firmware:0.25.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92602326-09B2-46F8-ACB7-F977942C191D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:gotenna:mesh:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B188A17B-CCB4-438C-A370-5913AB3BB22A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gotenna:gotenna:5.5.3:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "63D278BB-4BE6-4020-9D7C-CB774101087A"
}
],
"operator": "OR"
}
]
}
]