0 Min Read
CVE-2024-22064
Originally published May 10, 2024.
Protect and safeguard your OT network and operations with the industry's most advanced, most capable cybersecurity platform.
Learn MoreDiscover and visualize every asset and every network connection in your OT environment.
Segment your network and enforce granular policies for true Zero Trust cybersecurity.
Identify unexpected or unauthorized activity, from Level 0 signals to cloud connections.
Monitor physical process signals to detect threats and prevent system damage.
With advanced technology and an expert team, Mission Secure helps organizations meet their most pressing OT security challenges.
Keep your organization secure against cyber threats and take control of your OT network.
View All IndustriesFind helpful OT and ICS cybersecurity resources, guides, and downloads.
View All ResourcesOur team of world-class OT, IT, and cybersecurity experts are setting the standard in OT cyber-protection.
Learn MoreWritten by Mission Secure
Security professionals in OT should be aware that CVE-2024-22064 exposes a vulnerability in ZTE ZXUN-ePDG, a network node in VoWiFi systems. Due to a configuration error, non-unique cryptographic keys are used during secure connections (IKE) with mobile devices. If these keys are compromised, user session information could be leaked, posing a security risk to OT networks.
From the CVE database:
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.
https://www.cve.org/CVERecord?id=CVE-2024-22064
Originally published May 10, 2024.