{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T23:21:55.704","vulnerabilities":[{"cve":{"id":"CVE-2022-26942","sourceIdentifier":"cert@ncsc.nl","published":"2023-10-19T10:15:09.913","lastModified":"2024-11-21T06:54:50.667","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure supervisor level code execution can exploit the issue in order to gain secure supervisor code execution within the TEE. This constitutes a full break of the TEE module, exposing the device key as well as any TETRA cryptographic keys and the confidential TETRA cryptographic primitives. "},{"lang":"es","value":"Los firmwares de la serie Motorola MTM5000 carecen de validación de puntero en los argumentos pasados a los módulos Trusted Execution Environment (TEE). Se utilizan dos módulos, uno responsable de la gestión de claves KVL y el otro de la funcionalidad criptográfica TETRA. En ambos módulos, un adversario con una ejecución de código de nivel de supervisor no segura puede aprovechar el problema para obtener una ejecución segura de código de supervisor dentro del TEE. Esto constituye una ruptura total del módulo TEE, exponiendo la clave del dispositivo, así como cualquier clave criptográfica TETRA y las primitivas criptográficas TETRA confidenciales."}],"metrics":{"cvssMetricV31":[{"source":"cert@ncsc.nl","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0}]},"weaknesses":[{"source":"cert@ncsc.nl","type":"Secondary","description":[{"lang":"en","value":"CWE-822"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-763"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:motorola:mtm5500_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7C0C44-3660-4B47-A1ED-0BD19EFC5F03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:motorola:mtm5500:-:*:*:*:*:*:*:*","matchCriteriaId":"A1A0784B-AE84-4457-A884-5C26EEA8D181"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:motorola:mtm5400_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FF669A29-B983-40F6-BBA9-D9F67E653BEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:motorola:mtm5400:-:*:*:*:*:*:*:*","matchCriteriaId":"03AA5A43-A1B5-4E1C-A844-691607765E30"}]}]}],"references":[{"url":"https://tetraburst.com/","source":"cert@ncsc.nl","tags":["Technical Description"]},{"url":"https://tetraburst.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description"]}]}}]}