CVE-2025-32886
First published: Thu May 01 2025(Updated: )
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| goTenna goTenna v1 | ||
| goTenna v1 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-32886?
CVE-2025-32886 is considered to be a high severity vulnerability due to the potential for sensitive data interception.
How do I fix CVE-2025-32886?
To mitigate CVE-2025-32886, users should update their goTenna v1 devices to the latest firmware version that addresses this vulnerability.
What devices are affected by CVE-2025-32886?
CVE-2025-32886 affects goTenna v1 devices running app version 5.5.3 and firmware version 0.25.5.
What kind of data can be intercepted due to CVE-2025-32886?
CVE-2025-32886 allows local access users to potentially intercept sensitive data transmitted over RF and the UART interface.
Is physical access required to exploit CVE-2025-32886?
Yes, exploiting CVE-2025-32886 requires physical access to the affected goTenna v1 device.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/author
- agent/severity
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/last-modified-date
- agent/event
- vendor/gotenna
- canonical/gotenna gotenna v1
- canonical/gotenna v1 firmware