Vulnerability CVE-2024-43108
Published: 2024-09-26

Description:
The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted
messages without any additional integrity checking mechanisms. This
leaves messages malleable to any attacker that can access the message.

Type:

CWE-353

 (Missing Support for Integrity Check)

 References:
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-05
Copyright 2024, cxsecurity.com

 

Back to Top