2 matches found
CVE-2024-41715
The goTenna Pro ATAK Plugin does not inject extra characters intobroadcasted frames to obfuscate the length of messages. This makes itpossible to tell the length of the payload regardless of the encryptionused.
CVE-2024-43694
In the goTenna Pro ATAK Plugin application, the encryption keys arestored along with a static IV on the device. This allows for completedecryption of keys stored on the device. This allows an attacker todecrypt all encrypted broadcast communications based on broadcast keysstored on the device.