CVE-2024-41722 Information

Description

In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing gotenna mesh networks. This vulnerability can be exploited if the device is being used in a unencrypted environment or if the cryptography has already been compromised.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-05