Approved changes feed: RSS · Atom

cpe:2.3:o:gotenna:mesh_firmware:1.1.12:*:*:*:*:*:*:*

part: o version: 1.1.12 update: *

VendorGotenna (04dc2b99-45b6-5512-bd24-ced62841f7d2)
ProductMesh Firmware (8690ce00-af8e-544b-aa17-1cb9c818200b)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-32890 vulnerable 2026-06-08 07:19:00.946903 Details available
MEDIUM (5.3)
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T18:49:46.775Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-32888 vulnerable 2026-06-08 07:19:00.939604 Details available
HIGH (7.3)
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T19:11:36.218Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-32884 vulnerable 2026-06-08 07:19:00.937626 Details available
MEDIUM (4.3)
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages.
Published: 2025-05-01T00:00:00.000Z
Updated: 2025-05-01T19:33:18.573Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.