Data Exposure Vulnerability in goTenna Devices
CVE-2025-32881

6.5MEDIUM

Key Information:

Vendor: goTenna
Status: goTenna v1
Vendor: CVE Published:; 1 May 2025

What is CVE-2025-32881?

A data exposure issue has been identified in goTenna v1 devices, where the Group ID (GID) defaults to the user's phone number unless the user opts out. This raises significant privacy concerns, as phone numbers are sensitive information that can easily identify individuals. Additionally, the application does not encrypt the GID in messages, further compromising user privacy and security. Organizations using these devices should take immediate action to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gotenna.com

https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnera...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 1, 2025
Vulnerability Reserved
Apr 11, 2025

JSON

goTenna

What is CVE-2025-32881?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.