ГлавнаяУязвимости → CVE-2024-22064
8.3высокая

CVE-2024-22064

Описание

ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.

Затрагиваемое ПО
Zte Zxun-epdg
CVSS
Балл8.3 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Источники
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035524https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035524