What is the severity of CVE-2025-32883?

CVE-2025-32883 is considered a high severity vulnerability due to the potential for message injection in unencrypted networks.

How do I fix CVE-2025-32883?

To mitigate CVE-2025-32883, ensure that your goTenna devices are updated to the latest firmware and app versions and utilize encryption when communicating.

What devices are affected by CVE-2025-32883?

CVE-2025-32883 affects goTenna Mesh devices running app version 5.5.3 and firmware version 1.1.12.

What exploitation methods are possible with CVE-2025-32883?

CVE-2025-32883 can be exploited via software-defined radio to inject arbitrary messages into existing mesh networks.

What risks are associated with CVE-2025-32883?

Risks associated with CVE-2025-32883 include unauthorized message injection and potential disruption of communication in mesh networks.

Vulnerability/
CVE-2025-32883

medium

6.5

CWE

1390

1/5/2025

2/5/2025

CVE-2025-32883

First published: Thu May 01 2025(Updated: )

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The app there makes it possible to inject any custom message (into existing mesh networks) with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
goTenna Mesh App
goTenna Mesh Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-32883?
CVE-2025-32883 is considered a high severity vulnerability due to the potential for message injection in unencrypted networks.
How do I fix CVE-2025-32883?
To mitigate CVE-2025-32883, ensure that your goTenna devices are updated to the latest firmware and app versions and utilize encryption when communicating.
What devices are affected by CVE-2025-32883?
CVE-2025-32883 affects goTenna Mesh devices running app version 5.5.3 and firmware version 1.1.12.
What exploitation methods are possible with CVE-2025-32883?
CVE-2025-32883 can be exploited via software-defined radio to inject arbitrary messages into existing mesh networks.
What risks are associated with CVE-2025-32883?
Risks associated with CVE-2025-32883 include unauthorized message injection and potential disruption of communication in mesh networks.

collector/mitre-cve
source/MITRE
agent/references
agent/type
agent/first-publish-date
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/author
agent/severity
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/weakness
agent/last-modified-date
agent/event
vendor/gotenna
canonical/gotenna mesh app
canonical/gotenna mesh firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.