Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24403 | 1 Midnightblue | 1 Tetra\ | 2023-12-12 | N/A | 4.3 MEDIUM |
| The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary to encrypt or decrypt arbitrary identities given only three known encrypted/unencrypted identity pairs. | |||||
| CVE-2022-24400 | 1 Midnightblue | 1 Tetra\ | 2023-12-10 | N/A | 5.9 MEDIUM |
| A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero. | |||||
| CVE-2022-24402 | 1 Midnightblue | 1 Tetra\ | 2023-12-10 | N/A | 7.5 HIGH |
| The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks. | |||||
| CVE-2022-24401 | 1 Midnightblue | 1 Tetra\ | 2023-12-10 | N/A | 8.1 HIGH |
| Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of these counters in a mobile station, provoking keystream re-use. By sending crafted messages to the MS and analyzing MS responses, keystream for arbitrary frames can be recovered. | |||||
| CVE-2022-24404 | 1 Midnightblue | 1 Tetra\ | 2023-12-10 | N/A | 7.5 HIGH |
| Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion. | |||||