CVE-2024-43694

CVSS V2 None CVSS V3 None
Description
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device.
Overview
  • CVE ID
  • CVE-2024-43694
  • Assigner
  • icscert
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-09-26T17:25:52.840Z
  • Last Modified Date
  • 2024-09-26T18:26:54.248Z
References
Reference URL Reference Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-05 government-resource
History
Created Old Value New Value Data Type Notes
2024-10-06 14:00:53 Added to TrackCVE