Vulnerabilities > CVE-2022-24402 - Improper Restriction of Excessive Authentication Attempts vulnerability in Midnightblue Tetra:Burst

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
midnightblue
CWE-307

Summary

The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks.

Vulnerable Configurations

Part Description Count
Application
Midnightblue
1