Inadequate Key Register Initialization in TETRA TEA1 Keystream Generator

Inadequate Key Register Initialization in TETRA TEA1 Keystream Generator

CVE-2022-24402 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks.

Learn more about our Web Application Penetration Testing UK.