Floragasse 7 – 5th floor, 1040 Vienna
Subscribe to our Newsletter

News

SBA Security Advisory – ZTE ZXUN-ePDG – Use of non-unique cryptographic keys under default configuration (CVE-2024-22064)

Vulnerability Overview

ZTE ZXUN-ePDG product, which serves as the network node of the VoWiFi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection (IKE) with the mobile devices connecting over the internet. If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.

Affected Version: V5.20.19 and ealier

  • Type of Vulnerability: Global Key Reusage
  • Fixed in Version: V5.20.20
  • CVE ID: CVE-2024-22064
  • CVSS Vector: CVSS v3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  • CVSS Base Score: 8.3 (High)

Recommended Countermeasure

We recommend to update ZTE ZXUN-ePDG to version V5.20.20 or later. For further details, see full paper.

Links

Full Paper
ZTE Configuration Error Vulnerability in ZTE ZXUN-ePDG
Github Repository

Credits

Gabriel Gegenhuber (SBA Research, Universität Wien)
Florian Holzbauer (Universität Wien)
Philipp Frenzel (SBA Research)
Edgar Weippl (Universität Wien, CDL-SQI)
Adrian Dabrowski (CISPA)