CVE-2025-32886

{"id": "CVE-2025-32886", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.5}]}, "published": "2025-05-01T18:15:55.800", "references": [{"url": "https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities", "source": "cve@mitre.org"}, {"url": "https://gotenna.com", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-923"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data."}, {"lang": "es", "value": "Se detect\u00f3 un problema en dispositivos goTenna v1 con la aplicaci\u00f3n 5.5.3 y el firmware 0.25.5. Todos los paquetes enviados por RF tambi\u00e9n se env\u00edan por UART con USB Shell, lo que permite que alguien con acceso local obtenga informaci\u00f3n sobre el protocolo e intercepte datos confidenciales."}], "lastModified": "2025-05-02T13:52:51.693", "sourceIdentifier": "cve@mitre.org"}