CVE-2022-24404

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.
References
Link Resource
https://tetraburst.com/ Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:midnightblue:tetra\:burst:-:*:*:*:*:*:*:*

History

25 Oct 2023, 16:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
First Time Midnightblue tetra\
Midnightblue
CWE CWE-354
References (MISC) https://tetraburst.com/ - (MISC) https://tetraburst.com/ - Vendor Advisory
CPE cpe:2.3:a:midnightblue:tetra\:burst:-:*:*:*:*:*:*:*

19 Oct 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-19 10:15

Updated : 2024-02-28 20:33


NVD link : CVE-2022-24404

Mitre link : CVE-2022-24404

CVE.ORG link : CVE-2022-24404


JSON object : View

Products Affected

midnightblue

  • tetra\
CWE
CWE-354

Improper Validation of Integrity Check Value

CWE-353

Missing Support for Integrity Check