What is CVE-2022-24400?

A high-severity vulnerability exists in the TETRA authentication procedure that allows a MITM adversary to manipulate session keys. Immediate action is required to mitigate potential impacts.

What is the severity of CVE-2022-24400?

CVE-2022-24400 has a severity rating of HIGH with a CVSS base score of 7.5.

CVE-2022-24400 | High Vulnerability in Midnight Blue TETRA

CVE-2022-24400 is a significant vulnerability affecting the TETRA authentication procedure implemented by Midnight Blue. This flaw allows a man-in-the-middle (MITM) adversary, who can predict the MS challenge RAND2, to set the session key DCK to zero. With a CVSS base score of 7.5, this vulnerability is classified as high severity, indicating that it poses a serious risk to affected systems.

The vulnerability was published on October 19, 2023, and has since been modified. Organizations using the affected TETRA systems are at risk of unauthorized access and potential data compromise due to the high-impact nature of this vulnerability.

Given the high attack complexity and the need for no privileges or user interaction, the risk to organizations includes severe data integrity and availability issues. Organizations should prioritize patching immediately.

As of now, there are no known exploits or public proof of concepts (PoCs) associated with this vulnerability. However, the potential for exploitation remains a concern, underscoring the importance of timely remediation.

Vulnerability Details

The flaw in the TETRA authentication procedure is characterized as a high-severity vulnerability. With a CVSS score of 7.5, it presents high confidentiality, integrity, and availability impacts, making it essential for organizations to understand its implications. The vulnerability affects all versions of the TETRA system prior to the vendor patch.

The primary weakness associated with this vulnerability is categorized under CWE-639, which relates to the improper validation of the MS challenge RAND2. This flaw allows an attacker to manipulate session keys, leading to potential unauthorized access.

The vulnerability affects the Midnight Blue's TETRA product, specifically the TETRA:BURST component. Organizations should verify their systems to identify any exposure to this vulnerability.

Technical Analysis

The root cause of this vulnerability stems from the flawed authentication procedure in the TETRA system. The attack vector is adjacent network, requiring the attacker to be within proximity to the targeted device. The attack complexity is deemed high, which means that significant effort is needed to exploit the vulnerability.

No privileges are required for exploitation, and no user interaction is necessary, making this vulnerability particularly dangerous. If successfully exploited, it leads to high impacts on confidentiality, integrity, and availability, as all these aspects are rated high.

Risk & Impact Analysis

Risk to organizations includes the potential for unauthorized access and manipulation of sensitive data. The blast radius could extend to all users of the affected TETRA system, impacting operational integrity and trust. Given the current threat landscape and the nature of this vulnerability, organizations should address it in their priority patch cycle.

The urgency for remediation is underscored by the high CVSS score and the potential for serious impacts on business operations. Organizations should prioritize patching immediately.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerability affects all versions of the TETRA system prior to the vendor patch. Organizations should ensure they are running the latest version to mitigate the risk.

Mitigation & Remediation

Organizations should follow the vendor's guidelines for patching the TETRA system. Immediate updates are recommended to close this vulnerability. If a patch is unavailable, implementing network segmentation and strict access controls can help mitigate risk. For further assistance, organizations can explore penetration testing services to identify potential weaknesses.

Detection Guidance

Monitoring for unusual network traffic patterns, particularly in adjacent networks, may indicate attempts to exploit this vulnerability. Logging access attempts and analyzing behavioral anomalies can provide insights into potential exploitation.

AppSecure Threat Intelligence Insight

The TETRA authentication procedure vulnerability highlights a critical area of concern in communication security. Organizations should take this as a warning to review their security practices and ensure that authentication mechanisms are robust against MITM attacks. For strategic guidance, organizations can refer to penetration testing methodology and vulnerability management program design to enhance their security posture. Additionally, adopting cloud penetration testing best practices can further assist in mitigating similar risks.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-24400: High Vulnerability in Midnight Blue TETRA