CVE-2024-41715
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-41715 identifies a vulnerability in the goTenna Pro ATAK Plugin, which involves a payload length issue that allows attackers to determine the length of the payload regardless of encryption. Affected products include various models designated as y-MdLt, y-LgJT, y-MdLs, among others. The vulnerability has a medium severity rating with a CVSS score of 4.3 and can be exploited without requiring user interaction or special privileges, using an adjacent network attack vector. While the confidentiality impact is classified as low, this vulnerability poses potential risks for organizations by exposing sensitive information about data transmission. Remediation steps have not been specified in the provided details; however, organizations are advised to monitor updates from relevant security advisories for guidance on mitigation strategies.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.