๐Ÿ” CVE Alert

CVE-2022-24400

HIGH 7.5

DCK pinning attack in TETRA

CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero.

CWE CWE-807
Vendor etsi
Product tetra standard
Published Oct 19, 2023
Last Updated Sep 12, 2024
Stay Ahead of the Next One

Get instant alerts for etsi tetra standard

Be the first to know when new high vulnerabilities affecting etsi tetra standard are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R/CR:H/IR:H/AR:H/MAV:A/MAC:H/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

ETSI / TETRA Standard
all

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
tetraburst.com: https://tetraburst.com/

Credits

Midnight Blue