Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
8.1
CVSSv3

CVE-2022-24401

Published: 19/10/2023 Updated: 07/11/2023
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of these counters in a mobile station, provoking keystream re-use. By sending crafted messages to the MS and analyzing MS responses, keystream for arbitrary frames can be recovered.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

midnightblue tetra burst

Recent Articles

TETRA radio comms used by emergency heroes easily cracked, say experts
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources If it looks like a backdoor, walks like a backdoor, maybe it's ... export control

Updated Midnight Blue, a security firm based in the Netherlands, has found five vulnerabilities that affect Terrestrial Trunked Radio (TETRA), used in Europe, the United Kingdom, and many other countries by government agencies, law enforcement, and emergency services organizations. The flaws, dubbed TETRA:BURST, are said to affect all TETRA radio networks. They potentially allow an attacker to decrypt communications in real-time or after the fact, to inject messages, to deanonymize users, or to ...

Read more...
TETRA radio comms used by emergency heroes easily cracked, say experts
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources If it looks like a backdoor, walks like a backdoor, maybe it's a ...

Midnight Blue, a security firm based in the Netherlands, has found five vulnerabilities that affect Terrestrial Trunked Radio (TETRA), used in Europe, the United Kingdom, and many other countries by government agencies, law enforcement, and emergency services organizations. The flaws, dubbed TETRA:BURST, are said to affect all TETRA radio networks. They potentially allow an attacker to decrypt communications in real-time or after the fact, to inject messages, to deanonymize users, or to set the ...

Read more...

References

CWE-639https://tetraburst.com/https://nvd.nist.govhttps://www.theregister.co.uk/2023/07/24/tetra_radio_security_flaws/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflowtype confusionserver-side request forgeryCVE-2024-38440CVE-2024-27801CVE-2024-5868CVE-2024-0582CVE-2024-37643CVE-2024-3105
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook