CVE-2025-32887

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:gotenna:mesh_firmware:0.25.5:*:*:*:*:*:*:*
cpe:2.3:h:gotenna:mesh:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:gotenna:gotenna:5.5.3:*:*:*:*:-:*:*

History

20 Jun 2025, 16:39

Type Values Removed Values Added
References () https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities - () https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities - Third Party Advisory
References () https://gotenna.com - () https://gotenna.com - Product
First Time Gotenna
Gotenna mesh
Gotenna gotenna
Gotenna mesh Firmware
CPE cpe:2.3:o:gotenna:mesh_firmware:0.25.5:*:*:*:*:*:*:*
cpe:2.3:h:gotenna:mesh:-:*:*:*:*:*:*:*
cpe:2.3:a:gotenna:gotenna:5.5.3:*:*:*:*:-:*:*

02 May 2025, 13:52

Type Values Removed Values Added
Summary
  • (es) Se detectó un problema en dispositivos goTenna v1 con la aplicación 5.5.3 y el firmware 0.25.5. Un canal de comando incluye el siguiente salto, que puede interceptarse y utilizarse para interrumpir el salto de frecuencia.

01 May 2025, 20:15

Type Values Removed Values Added
CWE CWE-319

01 May 2025, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-01 18:15

Updated : 2025-06-20 16:39


NVD link : CVE-2025-32887

Mitre link : CVE-2025-32887

CVE.ORG link : CVE-2025-32887


JSON object : View

Products Affected

gotenna

  • gotenna
  • mesh
  • mesh_firmware
CWE
CWE-319

Cleartext Transmission of Sensitive Information