Vulnerabilities > Midnightblue > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-19 | CVE-2022-24401 | Authorization Bypass Through User-Controlled Key vulnerability in Midnightblue Tetra:Burst Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. | 8.1 |
| 2023-10-19 | CVE-2022-24402 | Improper Restriction of Excessive Authentication Attempts vulnerability in Midnightblue Tetra:Burst The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks. | 7.5 |
| 2023-10-19 | CVE-2022-24404 | Improper Validation of Integrity Check Value vulnerability in Midnightblue Tetra:Burst Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. | 7.5 |