Etsi Tetra Standard
5 CVEs affecting Etsi Tetra Standard. Latest disclosed: 2023-12-05. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-24401 | High | 8.8 | 2023-10-19 | Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame c… |
CVE-2022-24402 | High | 8.8 | 2023-10-19 | The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystr… |
CVE-2022-24400 | High | 7.5 | 2023-10-19 | A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero. |
CVE-2022-24404 | Medium | 5.9 | 2023-10-19 | Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulat… |
CVE-2022-24403 | Medium | 4.3 | 2023-12-05 | The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The s… |