CVE-2024-47130
📋 TL;DR
The goTenna Pro App vulnerability allows unauthenticated attackers to remotely replace the public keys used for peer-to-peer and group message encryption. This enables attackers to intercept and potentially decrypt communications. All users of vulnerable goTenna Pro App versions are affected.
💻 Affected Systems
- goTenna Pro App
📦 What is this software?
Gotenna Pro by Gotenna
Gotenna Pro by Gotenna
⚠️ Risk & Real-World Impact
Worst Case
Attackers could perform man-in-the-middle attacks, intercepting and decrypting all P2P and group communications, potentially exposing sensitive location data and messages.
Likely Case
Attackers intercept communications between devices, compromising message confidentiality and potentially tracking device locations.
If Mitigated
With proper network segmentation and monitoring, impact is limited to isolated network segments, but communications remain vulnerable within those segments.
🎯 Exploit Status
The vulnerability description indicates unauthenticated remote exploitation is possible, suggesting relatively simple attack vectors.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Current release (specific version not specified in advisory)
Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04
Restart Required: Yes
Instructions:
1. Open your device's app store (Google Play Store or Apple App Store). 2. Search for 'goTenna Pro'. 3. If an update is available, tap 'Update'. 4. After updating, restart the app to ensure new encryption protocols are active.
🔧 Temporary Workarounds
Network Segmentation
allIsolate goTenna Pro devices on separate network segments to limit attack surface
Disable Unnecessary Features
allDisable P2P and group messaging features if not required for operations
🧯 If You Can't Patch
- Discontinue use of goTenna Pro App for sensitive communications
- Implement additional encryption layer for all communications (e.g., VPN or application-layer encryption)
🔍 How to Verify
Check if Vulnerable:
Check app version in device settings. If version is older than current release, assume vulnerable.Check Version:
On device: Settings > Apps > goTenna Pro > App Info (version varies by OS)Verify Fix Applied:
Verify app version matches current release version from official app store listing.📡 Detection & Monitoring
Log Indicators:
- Unexpected public key changes in app logs
- Multiple failed authentication attempts followed by successful key updates
Network Indicators:
- Unusual network traffic patterns to/from goTenna devices
- Suspicious key exchange traffic from unexpected sources
SIEM Query:
source="goTenna" AND (event_type="key_update" OR event_type="authentication_failure")