CVE-2024-47121
📋 TL;DR
The goTenna Pro App uses weak passwords for sharing encryption keys via RF broadcast, allowing attackers who capture the broadcast to potentially brute-force the password and decrypt all past and future encrypted messages using that key. This affects users who enable the optional key broadcast feature. The vulnerability is specific to RF key sharing and doesn't affect local QR code key sharing.
💻 Affected Systems
- goTenna Pro App
📦 What is this software?
Gotenna Pro by Gotenna
Gotenna Pro by Gotenna
⚠️ Risk & Real-World Impact
Worst Case
All encrypted communications using a compromised broadcast key become permanently decryptable, exposing sensitive messages and location data.
Likely Case
Limited exposure of specific encrypted broadcasts if an attacker is within RF range and successfully cracks the weak password.
If Mitigated
No impact if using local QR code key sharing instead of RF broadcast, or if strong passwords are enforced.
🎯 Exploit Status
Requires physical proximity to capture RF broadcasts and computational resources for brute-force attack.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not specified in advisory
Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Restart Required: Yes
Instructions:
1. Update goTenna Pro App to latest version from official app store. 2. Restart the application after update. 3. Verify update in app settings.
🔧 Temporary Workarounds
Disable RF Key Broadcast
allUse local QR code encryption key sharing instead of RF broadcast method
Navigate to app settings > Encryption Key Sharing > Select 'QR Code' instead of 'Broadcast'
Use Strong Passwords
allIf RF broadcast must be used, enforce strong, complex passwords for key sharing
When broadcasting keys, use passwords with 12+ characters including uppercase, lowercase, numbers, and symbols
🧯 If You Can't Patch
- Disable RF key broadcast feature entirely and use only local QR code sharing
- Implement network segmentation to limit RF broadcast range and physical access
🔍 How to Verify
Check if Vulnerable:
Check if using RF broadcast for key sharing in app settings. If enabled and using weak passwords, system is vulnerable.Check Version:
Check app version in device settings > Apps > goTenna ProVerify Fix Applied:
Verify app is updated to latest version and RF broadcast uses strong passwords or is disabled.📡 Detection & Monitoring
Log Indicators:
- Multiple failed decryption attempts
- Unusual RF broadcast patterns
Network Indicators:
- RF signal capture devices in proximity
- Unusual network traffic patterns during key broadcasts
SIEM Query:
Not applicable - primarily physical/RF based attack