ICS-CERT AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.

The goTenna Pro App allows unauthenticated attackers to remotely update 
the local public keys used for P2P and group messages. It is advised to 
update your app to the current release for enhanced encryption 
protocols.

OR
     *cpe:2.3:a:gotenna:gotenna_pro:*:*:*:*:*:iphone_os:*:* versions up to (including) 1.6.1
     *cpe:2.3:a:gotenna:gotenna_pro:*:*:*:*:*:android:*:* versions up to (excluding) 2.0.3

OR
     *cpe:2.3:a:gotenna:gotenna_pro:*:*:*:*:*:*:*:* versions up to (including) 1.6.1

NIST AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

OR
     *cpe:2.3:a:gotenna:gotenna_pro:*:*:*:*:*:*:*:* versions up to (including) 1.6.1

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 No Types Assigned

https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 Third Party Advisory, US Government Resource

ICS-CERT CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

ICS-CERT CWE-306

The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.

ICS-CERT https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04 [No types assigned]