CVE-2025-32886
📋 TL;DR
This vulnerability allows local attackers to intercept sensitive data transmitted by goTenna v1 devices. When packets are sent over RF, they are also transmitted over UART with USB Shell, exposing protocol information and potentially sensitive communications. This affects users of goTenna v1 devices with specific app and firmware versions.
💻 Affected Systems
- goTenna v1 device
📦 What is this software?
Gotenna by Gotenna
⚠️ Risk & Real-World Impact
Worst Case
An attacker with physical access could intercept all RF communications, including sensitive messages, location data, and protocol details, potentially enabling further attacks on the mesh network.
Likely Case
Local attackers with brief physical access could capture some transmitted data, gaining insight into communications and potentially intercepting sensitive information.
If Mitigated
With proper physical security controls, the risk is minimal as attackers cannot access the USB port without physical device access.
🎯 Exploit Status
Exploitation requires physical access to connect to the USB port. The GitHub reference demonstrates the vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://gotenna.com
Restart Required: No
Instructions:
No official patch available. Check goTenna website for firmware updates. Consider upgrading to newer goTenna models if available.
🔧 Temporary Workarounds
Disable USB Shell Access
allPhysically secure the USB port or disable USB shell functionality if supported by firmware
Physical Security Controls
allImplement strict physical access controls to prevent unauthorized USB connections
🧯 If You Can't Patch
- Physically secure devices to prevent unauthorized USB access
- Consider retiring affected goTenna v1 devices and upgrading to newer models
🔍 How to Verify
Check if Vulnerable:
Check device firmware version (0.25.5) and app version (5.5.3) in goTenna app settingsCheck Version:
Check version in goTenna mobile app settings under Device InformationVerify Fix Applied:
Monitor goTenna website for firmware updates and patch notes addressing CVE-2025-32886📡 Detection & Monitoring
Log Indicators:
- Unexpected USB connections to goTenna devices
- Multiple failed authentication attempts on USB interface
Network Indicators:
- Unusual USB traffic patterns from goTenna devices
- Unexpected serial/UART communication
SIEM Query:
DeviceLogs WHERE device_type="goTenna" AND (event_type="USB_connection" OR interface="UART")