CVE-2024-41722

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Sep 26, 2024
Updated: Sep 30, 2024
CWE ID 1390

Summary

CVE-2024-41722 is a vulnerability found in the goTenna Pro ATAK Plugin, which allows for the injection of custom messages into existing goTenna mesh networks using software-defined radio. Affected products include various models such as y-MdLt, y-MdLs, and y-KL7Q among others. This vulnerability poses a high confidentiality impact and can be exploited in unencrypted environments or if existing cryptographic measures are compromised. To mitigate this risk, organizations should ensure that encryption is adequately implemented and reviewed regularly. The exploitability score is rated at 2.8, with a base severity level classified as medium, indicating that while exploitation requires low complexity, it can lead to significant data exposure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share