Back

CVE-2024-47121

Sept. 26, 2024, 6:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

goTenna Pro series

Source

ics-cert@hq.dhs.gov

Tags

ics-cert@hq.dhs.gov
CWE-521
2024-09-26
CVE-2024-47121

CVE-2024-47121 details

Published : Sept. 26, 2024, 6:15 p.m.
Last Modified : Sept. 26, 2024, 6:15 p.m.

Description

The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast message is captured over RF it is possible to decrypt it and use it to decrypt all future and past messages sent via encrypted broadcast.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description
CWE-521 Weak Password Requirements The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

References

URL Source
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 ics-cert@hq.dhs.gov
This website uses the NVD API, but is not approved or certified by it.