Lucene search

NCSC-NLCVE-2022-24403

HistoryDec 05, 2023 - 2:15 p.m.

CVE-2022-24403

2023-12-0514:15:07

CWE-327

NCSC-NL

web.nvd.nist.gov

tetra

ta61

identity encryption

adversary

encryption

decryption

nvd

cve-2022-24403

CVSS3

4.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

Percentile

12.7%

JSON

The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary to encrypt or decrypt arbitrary identities given only three known encrypted/unencrypted identity pairs.

Affected configurations

Nvd

Node

midnightbluetetra\Matchburst-

VendorProductVersionCPE
midnightbluetetra\burstcpe:2.3:a:midnightblue:tetra\:burst:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
midnightblue	tetra\	burst	cpe:2.3:a:midnightblue:tetra\:burst:-:::::::*

CNA Affected

[
  {
    "vendor": "ETSI",
    "product": "TETRA Standard",
    "versions": [
      {
        "version": "TA61",
        "status": "affected"
      }
    ]
  }
]

References

tetraburst.com/

CVSS3

4.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

Percentile

12.7%

JSON

Related for CVE-2022-24403