Vulnerability CVE-2024-47123
Published: 2024-09-26

Description:
The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to any attacker that can access the message.

Type:

CWE-353

 (Missing Support for Integrity Check)

 References:
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Copyright 2024, cxsecurity.com

 

Back to Top