73 matches found
CVE-2025-46674
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress not intended for use during flight, potentially leading to a keystream oracle...
CVE-2025-46674
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress not intended for use during flight, potentially leading to a keystream oracle...
CVE-2025-46674
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress not intended for use during flight, potentially leading to a keystream oracle...
CVE-2025-46674
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress not intended for use during flight, potentially leading to a keystream oracle...
CVE-2025-46674
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress not intended for use during flight, potentially leading to a keystream oracle...
CryptoLib 安全漏洞
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2 that stems from the use of unfinished extensions that could lead to keystream...
CVE-2025-46674
CVE-2025-46674 affects NASA CryptoLib prior to 1.3.2. The issue arises from using Extended Procedures that are a Work in Progress and not intended for flight, which could enable a keystream oracle. Public references confirm vulnerability details and link to changes between v1.3.1 and v1.3.2. Repo...
CVE-2022-24401
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
CVE-2022-24402
The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...
CVE-2022-24402
The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...
CVE-2022-24401
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
CVE-2022-24401
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
CVE-2022-24402
The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...
Design/Logic Flaw
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
Design/Logic Flaw
The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...
CVE-2022-24401
CVE-2022-24401 concerns the TETRA system’s Air Interface Encryption (AIE) keystream generator. The root cause is IV generation based on TDMA frame counters broadcast unauthenticated, enabling an adversary to manipulate counters observed by a mobile station and provoke keystream re-use. This can a...
CVE-2022-24401 Keystream recovery for arbitrary frames in TETRA
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
CVE-2022-24402 Intentionally weakened effective strength in TETRA TEA1
The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...
TETRA BURST Security Vulnerability
TETRA BURST is a terrestrial trunked radio standard for radio communications from TETRA BURST. A security vulnerability exists in TETRA BURST that stems from the Air Interface Encryption AIE keystream generator's dependence on network time, which can be publicly broadcast in an unauthenticated...
PT-2023-12749 · Tetra · Tetra
Name of the Vulnerable Software and Affected Versions: TETRA affected versions not specified Description: The issue concerns adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, whic...