TETRA TA61 Identity Encryption Vulnerability

TETRA TA61 Identity Encryption Vulnerability

CVE-2022-24403 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary to encrypt or decrypt arbitrary identities given only three known encrypted/unencrypted identity pairs.

Learn more about our Internal Network Penetration Testing.