icsa-24-270-05
Vulnerability from csaf_cisa
Published
2024-09-26 06:00
Modified
2024-10-17 06:00
Summary
goTenna Pro ATAK Plugin (Update A)
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to compromise the confidentiality and integrity of the communications between the affected devices.
Critical infrastructure sectors
Communications, Government Services and Facilities
Countries/areas deployed
United States
Company headquarters location
United States
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.
{
"document": {
"acknowledgments": [
{
"names": [
"Erwin Karincic"
],
"summary": "reporting this these vulnerabilities to CISA"
},
{
"names": [
"Clayton Smith"
],
"summary": "reporting this these vulnerabilities to CISA"
},
{
"names": [
"Dale Wooden"
],
"summary": "reporting this these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to compromise the confidentiality and integrity of the communications between the affected devices.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Communications, Government Services and Facilities",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "United States",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "United States",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-24-270-05 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-270-05.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-24-270-05 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-05"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "goTenna Pro ATAK Plugin (Update A)",
"tracking": {
"current_release_date": "2024-10-17T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-270-05",
"initial_release_date": "2024-09-26T06:00:00.000000Z",
"revision_history": [
{
"date": "2024-09-26T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2024-10-17T06:00:00.000000Z",
"legacy_version": "Update A",
"number": "2",
"summary": "Update A - Updates were made to Vulnerability Overview and Mitigations."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.9.12",
"product": {
"name": "goTenna goTenna Pro ATAK Plugin: \u003c=1.9.12",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "goTenna Pro ATAK Plugin"
}
],
"category": "vendor",
"name": "goTenna"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45374",
"cwe": {
"id": "CWE-521",
"name": "Weak Password Requirements"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent via encrypted broadcast with that particular key. This only applies when the key is broadcasted over RF. This is an optional feature, so it is advised to use local QR encryption key sharing for additional security on this and previous versions.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45374"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-43694",
"cwe": {
"id": "CWE-922",
"name": "Insecure Storage of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "In the goTenna Pro ATAK Plugin, the encryption keys are stored along with a static IV on the End User Device (EUD). This allows for complete decryption of keys stored on the EUD if physically compromised. This allows an attacker to decrypt all encrypted broadcast communications based on encryption keys stored on the EUD. This requires access to and control of the EUD, so it is recommended to use strong access control measures and layered encryption on the EUD for more secure operation.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43694"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-43108",
"cwe": {
"id": "CWE-353",
"name": "Missing Support for Integrity Check"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is advised to continue to use encryption in the plugin and update to the current release for enhanced encryption protocols.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43108"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-45838",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK Plugin does not encrypt callsigns in messages. It is advised to not use sensitive information in callsigns when using this and previous versions of the plugin. Update to current plugin version which uses AES-256 encryption for callsigns in encrypted operation",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45838"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-45723",
"cwe": {
"id": "CWE-338",
"name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK Plugin does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password if the broadcasted encryption key is captured over RF. This only applies to the optional broadcast of an encryption key, so it is advised to share the key with local QR code for higher security operations.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45723"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-41722",
"cwe": {
"id": "CWE-1390",
"name": "Weak Authentication"
},
"notes": [
{
"category": "summary",
"text": "In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing goTenna mesh networks. This vulnerability can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised. It is advised to use encryption shared with local QR code for higher security operations.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41722"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-41931",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK Plugin encryption key name is always sent unencrypted when the key is sent over RF through a broadcast message. It is advised to share the encryption key via local QR for higher security operations.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41931"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-41715",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK Plugin does not inject extra characters into broadcasted frames to obfuscate the length of messages. This makes it possible to tell the length of the payload regardless of the encryption used.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41715"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2024-43814",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "summary",
"text": "The goTenna Pro ATAK Plugin\u0027s default settings are to share Automatic Position, Location, and Information (PLI) updates every 60 seconds once the plugin is active and goTenna is connected. Users that are unaware of their settings and have not activated encryption before a mission may accidentally broadcast their location unencrypted. It is advised to verify PLI settings are the desired rate and activate encryption prior to mission. Update to the latest Plugin to disable this default setting.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43814"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ATAK Plugin: v2.0.7 or greater",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "goTenna recommends that users follow these mitigations:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "General Mitigations for All Users/Clients",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use Discreet Callsigns and Key Names: Choose callsigns and key names that do not disclose sensitive information, such as your location, team size, or team name. Avoid using any identifiers that could inadvertently reveal your location or the composition of your team.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure End-User Devices: Implement strong security measures on all end-user devices, including the use of encryption and ensuring regular software updates.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow Key Rotation Best Practices: Regularly rotate encryption keys according to industry best practices to maintain ongoing security.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Pro-Specific Mitigations",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Secure Broadcasting: When broadcasting, ensure you are in a secured area and transmit the key at a reduced power of 0.5 Watts to limit exposure.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Leverage Layered Encryption: Implement layered encryption keys to securely manage communications, whether interacting with individuals or teams.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you have any questions please contact prosupport@gotenna.com",
"product_ids": [
"CSAFPID-0001"
],
"url": "mailto:prosupport@gotenna.com"
},
{
"category": "mitigation",
"details": "goTenna recommends that users Follow their secure operating best practices.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.gotennapro.com/s/article/Secure-Operating"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.