Vulnerability Database

309,540

Total vulnerabilities in the database

CVE-2024-45723

The goTenna Pro ATAK Plugin does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password if the broadcasted encryption key is captured over RF. This only applies to the optional broadcast of an encryption key, so it is advised to share the key with local QR code for higher security operations.

Published: Sep 26, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-45723
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-338

Affected Software
References

Software	From	Fixed in
gotenna / gotenna	-	2.0.7

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-05

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo