Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Keystream recovery for arbitrary frames in TETRA
Vulnerability Description
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of these counters in a mobile station, provoking keystream re-use. By sending crafted messages to the MS and analyzing MS responses, keystream for arbitrary frames can be recovered.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在加密中重用Nonce与密钥对
Vulnerability Title
TETRA BURST 安全漏洞
Vulnerability Description
TETRA BURST是TETRA BURST公司的一款用于无线电通信的地面集群无线电标准。 TETRA BURST 存在安全漏洞,该漏洞源于空中接口加密(AIE)密钥流生成器依赖于网络时间,该时间可以以未经身份验证的方式公开广播,导致允许解密预言机进行解密攻击。
CVSS Information
N/A
Vulnerability Type
N/A