TETRA:BURST is a collection of five vulnerabilities, two of which are deemed critical, affecting the Terrestrial Trunked Radio (TETRA) standard used globally by law enforcement, military, critical infrastructure, and industrial asset owners in the power, oil & gas, water, and transport sectors and beyond.
Most of the TETRA:BURST vulnerabilities affect all TETRA networks. Depending on infrastructure and device configurations, these vulnerabilities allow for realtime decryption, harvest-now-decrypt-later attacks, message injection, user deanonymization, or session key pinning. Firmware patches are available for some of these vulnerabilities, while compensating controls are recommended for others.
2 comments
[ 3.6 ms ] story [ 24.5 ms ] threadMost of the TETRA:BURST vulnerabilities affect all TETRA networks. Depending on infrastructure and device configurations, these vulnerabilities allow for realtime decryption, harvest-now-decrypt-later attacks, message injection, user deanonymization, or session key pinning. Firmware patches are available for some of these vulnerabilities, while compensating controls are recommended for others.
-- Related --
Tetra radio tech used in vital infrastructure worldwide vulnerable : https://nltimes.nl/2023/07/24/radio-tech-used-vital-infrastr...
Code Kept Secret for Years Reveals Its Flaw–A Backdoor : https://www.wired.com/story/tetra-radio-encryption-backdoor/
Terrestrial Trunked Radio (TETRA) – (Trans-European Trunked Radio) : https://en.wikipedia.org/wiki/Terrestrial_Trunked_Radio
Comment by rasz : https://news.ycombinator.com/item?id=36855269