Products
goTenna Pro series
Source
ics-cert@hq.dhs.gov
Tags
CVE-2024-47125 details
Published : Sept. 26, 2024, 6:15 p.m.
Last Modified : Sept. 26, 2024, 6:15 p.m.
Last Modified : Sept. 26, 2024, 6:15 p.m.
Description
The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker to intercept and manipulate messages.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-923 | Improper Restriction of Communication Channel to Intended Endpoints | The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint. |
References
URL | Source |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 | ics-cert@hq.dhs.gov |
This website uses the NVD API, but is not approved or certified by it.