Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
goTenna Pro ATAK Plugin Use of Cryptographically Weak Pseudo-Random Number Generator
Vulnerability Description
The goTenna Pro ATAK Plugin does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password if the broadcasted encryption key is captured over RF. This only applies to the optional broadcast of an encryption key, so it is advised to share the key with local QR code for higher security operations.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
goTenna Pro 安全特征问题漏洞
Vulnerability Description
goTenna Pro是goTenna公司的一系列可为离网通信和态势感知创建网络的设备。 goTenna Pro 1.9.12及之前版本存在安全特征问题漏洞,该漏洞源于在生成加密密钥时未使用SecureRandom,所使用的随机函数不适合用于加密。
CVSS Information
N/A
Vulnerability Type
N/A