What is CVE-2022-26942?

CVE-2022-26942 is a high-severity vulnerability in Motorola Mobile Radio, classified under Untrusted Pointer Dereference. CVSS score: 8.2/10. Published 2023-10-19.

How severe is CVE-2022-26942?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Motorola Mobile Radio

CVE-2022-26942

The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functional…

EPSS: 0.001 (20.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:F/RL:U/RC:C/CR:X/IR:X/AR:X/MAV:L/MAC:L/MPR:H/MUI:N/MS:C/MC:H/MI:H/MA:H.

Affected products

Motorola Mobile Radio — versions MTM5000

Weakness classification (CWE)

CWE-822 — Untrusted Pointer Dereference

References

TETRA:BURST (related)

Frequently asked questions

What is CVE-2022-26942?: CVE-2022-26942 is a high-severity vulnerability in Motorola Mobile Radio, classified under Untrusted Pointer Dereference. CVSS score: 8.2/10. Published 2023-10-19.
How severe is CVE-2022-26942?: High severity. CVSS v3 base score is 8.2 out of 10.