
2TETRA:2BURST – How New Protocol Flaws Break ‘Secure’ TETRA Communications

Trust Shattered in ‘Secure’ Channels

For decades, TETRA (Terrestrial Trunked Radio) has been the communications backbone for emergency services, defense units, and critical infrastructure in over 100 countries. Now, new research shows that the technology’s encryption and authentication mechanisms can be bypassed—reviving fears of intercepted orders, falsified commands, and operational sabotage.


The Technical Exploit Pathway

Dutch cybersecurity firm Midnight Blue disclosed the vulnerabilities under the collective name 2TETRA:2BURST. The flaws exist in both the TETRA standard’s design and its vendor implementations.

Key technical risks include:

  1. Replay of End-to-End Encrypted Voice and Data (CVE-2025-52940, CVE-2025-52942)
    • Attackers record encrypted TETRA voice or Short Data Service (SDS) traffic over the air; the affected layer is the end-to-end encryption (E2EE) used on top of the air-interface encryption.
    • The receiver verifies no nonce or sequence number, so the recording can be replayed into the target network at will. No key material is needed: the ciphertext itself is what gets resent.
    • To the receiving radio a replayed frame is indistinguishable from a legitimate transmission; together with the missing message authentication (item 4), crafted packets can be injected on some vendor models as well.
  2. AES-128 Key Entropy Reduced to 56 Bits (CVE-2025-52941)
    • In certain AES-128 E2EE implementations the key is deliberately weakened: the cipher is still AES-128, but only 2⁵⁶ distinct keys can occur, so the effective strength is that of a 56-bit key.
    • A 2⁵⁶ search is feasible offline with FPGA or GPU clusters in hours, not decades; one captured frame with predictable content (a fixed header, a known status message) is enough to test candidate keys against.
  3. Key Material Shared Across Algorithms (CVE-2025-52943)
    • Networks that support several TETRA encryption algorithms use the same key material for each of them.
    • If the key is recovered through a weak legacy algorithm (TEA1, whose key is effectively reduced to 32 bits, CVE-2022-24402), the same key decrypts traffic protected by the stronger algorithms.
  4. Lack of Message Authentication (CVE-2025-52944)
    • TETRA traffic carries no per-message Message Authentication Code (MAC) or cryptographic signature, so a receiving radio cannot verify integrity or origin; encryption alone provides neither.
    • Because the air-interface ciphers are stream ciphers, ciphertext is malleable: anyone holding keystream (see item 5) can XOR in arbitrary content and inject voice or SDS messages directly into encrypted channels.
  5. Residual Keystream Recovery (MBPH-2025-001, insufficient fix for CVE-2022-24401)
    • ETSI's earlier patch against the keystream recovery attack does not close it.
    • Attackers can still recover partial keystream material, enabling partial decryption and aiding brute-force attacks.
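
Items 1 and 4 above describe two failures of the same kind: the receiver checks neither freshness nor integrity. The following toy model, added here as an illustration and not code from Midnight Blue or any TETRA vendor, puts a legacy receiver (IV in the clear, XOR stream cipher, no MAC) beside a hardened one (sequence number, HMAC tag, sliding anti-replay window) and runs a replay and a keystream-based injection against both. The keystream generator, frame layout, keys and messages are all hypothetical stand-ins; only the structure of the two attacks matches the text.

```python
import hashlib
import hmac
import struct

# Constructed keys for the toy; a real network provisions these per group/session.
ENC_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
MAC_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100")
TAG_LEN = 16


def keystream(key: bytes, iv: int, length: int) -> bytes:
    """Stand-in keystream (SHA-256 in counter mode). Hypothetical: not TEA or
    the TETRA E2EE cipher, only a placeholder with the same XOR structure."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + struct.pack(">II", iv, block)).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# --- Legacy receiver: frame = iv (4 bytes) || ciphertext. No MAC, no freshness. ---
def legacy_send(iv: int, plaintext: bytes) -> bytes:
    return struct.pack(">I", iv) + xor(plaintext, keystream(ENC_KEY, iv, len(plaintext)))


def legacy_receive(frame: bytes) -> bytes:
    """Decrypts with whatever IV the frame carries and accepts the result."""
    iv = struct.unpack(">I", frame[:4])[0]
    ct = frame[4:]
    return xor(ct, keystream(ENC_KEY, iv, len(ct)))


# --- Hardened receiver: frame = seq (4) || ciphertext || tag (16). ---
def hardened_send(seq: int, plaintext: bytes) -> bytes:
    body = struct.pack(">I", seq) + xor(plaintext, keystream(ENC_KEY, seq, len(plaintext)))
    tag = hmac.new(MAC_KEY, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class HardenedReceiver:
    """Verifies the MAC first, then enforces a sliding anti-replay window."""

    def __init__(self, window: int = 32):
        self.window = window
        self.highest = -1   # highest sequence number accepted so far
        self.seen = set()   # sequence numbers accepted inside the window

    def receive(self, frame: bytes):
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expect = hmac.new(MAC_KEY, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expect):          # constant-time compare
            return False, "bad MAC", None
        seq = struct.unpack(">I", body[:4])[0]
        if seq in self.seen or seq <= self.highest - self.window:
            return False, "replay", None
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        self.seen = {s for s in self.seen if s > self.highest - self.window}
        ct = body[4:]
        return True, "ok", xor(ct, keystream(ENC_KEY, seq, len(ct)))


def demo() -> dict:
    """Replays a captured frame and injects a forged one against both receivers."""
    results = {}

    # 1. Replay: the attacker resends a recorded "ALL CLEAR" frame later.
    frame = legacy_send(iv=7, plaintext=b"ALL CLEAR")
    results["legacy_replay"] = [legacy_receive(frame), legacy_receive(frame)]
    rx = HardenedReceiver()
    hframe = hardened_send(seq=7, plaintext=b"ALL CLEAR")
    results["hardened_replay"] = (rx.receive(hframe)[1], rx.receive(hframe)[1])

    # 2. Injection: with one known plaintext for IV 7 the attacker recovers the
    #    keystream (ct XOR pt) and, the cipher being a malleable XOR stream,
    #    encrypts a message of its own under the same IV.
    ks = xor(frame[4:], b"ALL CLEAR")
    forged = frame[:4] + xor(b"EVACUATE!", ks)
    results["legacy_inject"] = legacy_receive(forged)
    forged_h = hframe[:4] + xor(b"EVACUATE!", ks) + hframe[-TAG_LEN:]   # old tag reused
    results["hardened_inject"] = rx.receive(forged_h)[1]
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The legacy receiver accepts the replayed "ALL CLEAR" a second time and decodes the forged "EVACUATE!" as if it were genuine; the hardened receiver rejects the replay on the sequence check and the forgery on the MAC. The order of the checks matters: the MAC is verified before any state is touched, so an attacker cannot poison the replay window with unauthenticated frames.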

Operational Threat Model

The attacks do not require physical access to radios; over-the-air interception and injection are sufficient. With a directional antenna and Software-Defined Radio (SDR) hardware costing under $1,000, a skilled attacker can:

  • Monitor encrypted voice traffic in real time.
  • Replay legitimate commands to create confusion.
  • Inject false SDS messages (e.g., fake SCADA commands to utility equipment).
  • Brute-force encryption keys offline using captured traffic.
  • Stage false emergencies by simulating dispatcher or commander transmissions.
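
The offline brute force in the last bullet is what the 56-bit entropy reduction (item 2 in the list above) makes practical. The following example, added here and not code from the research or any vendor, models a 128-bit key that is derived from a short seed, recovers the seed by exhaustive search against one captured frame with predictable content, and then decrypts a second frame whose content the attacker did not know. The key expansion, stand-in cipher, sync vectors and messages are hypothetical; the seed is scaled down from 56 to 16 bits so the search finishes in seconds, and the work-factor function scales the result back to the real key size at an assumed cluster rate.

```python
import hashlib
import struct

NOMINAL_KEY_BITS = 128
EFFECTIVE_BITS = 16   # the real flaw leaves 56 bits; 16 here so the search finishes in seconds


def expand_seed(seed: int) -> bytes:
    """Hypothetical key expansion: stretches a short seed to a full 128-bit key.
    The output is 16 bytes long, but only 2**EFFECTIVE_BITS distinct values exist."""
    digest = hashlib.sha256(b"e2ee-expand" + struct.pack(">Q", seed)).digest()
    return digest[: NOMINAL_KEY_BITS // 8]


def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Stand-in stream cipher (keystream = SHA-256(key || iv)); not AES or the
    TETRA E2EE cipher, but the attack only needs a deterministic cipher to test against."""
    ks = hashlib.sha256(key + iv).digest()
    if len(plaintext) > len(ks):
        raise ValueError("toy cipher handles one keystream block only")
    return bytes(p ^ k for p, k in zip(plaintext, ks))


decrypt = encrypt  # XOR stream cipher: the same operation both ways


def recover_seed(iv: bytes, known_plaintext: bytes, ciphertext: bytes):
    """Offline brute force over every reachable seed, testing each candidate key
    against one captured frame whose content is predictable."""
    for seed in range(1 << EFFECTIVE_BITS):
        if encrypt(expand_seed(seed), iv, known_plaintext) == ciphertext:
            return seed
    return None


def work_factor_hours(entropy_bits: int, keys_per_second: float) -> float:
    """Time to exhaust a keyspace of the given entropy at a given test rate."""
    return (2 ** entropy_bits) / keys_per_second / 3600


def demo() -> dict:
    secret_seed = 0xBEEF                # constructed victim seed (16-bit toy)
    key = expand_seed(secret_seed)
    iv1, iv2 = b"\x00\x00\x00\x2a", b"\x00\x00\x00\x2b"   # constructed sync vectors

    header = b"SDS:STATUS:"                       # predictable content the attacker knows
    captured = encrypt(key, iv1, header)          # frame 1: known plaintext
    target = encrypt(key, iv2, b"UNIT-7 MOVE TO GRID 4")   # frame 2: content unknown

    found = recover_seed(iv1, header, captured)
    recovered_key = expand_seed(found) if found is not None else None
    return {
        "seed": found,
        "key_matches": recovered_key == key,
        "plaintext": decrypt(recovered_key, iv2, target) if recovered_key else None,
        # scaling to the real flaw: 2^56 at an assumed 10^12 keys/s cluster rate
        "hours_56_bit_at_1e12": work_factor_hours(56, 1e12),
        "hours_128_bit_at_1e12": work_factor_hours(128, 1e12),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The point the search makes concrete is that key strength is the entropy of the input to the key expansion, not the length of its output: the recovered 16-byte key is identical to the victim's, so every other frame under that key falls with it. At the assumed rate of 10¹² candidate keys per second the full 2⁵⁶ space takes about 20 hours, while a genuinely random 128-bit key would take on the order of 10²² hours.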

“We’ve demonstrated fake incident reports and false ‘all clear’ commands reaching operational units—these are not hypotheticals,” said Wouter Bokslag, co-founder of Midnight Blue.


Broader Security Implications

These flaws are not just a risk for local police patrols. Many critical infrastructure operators (energy grids, rail networks, airport ground control, and water utilities) use TETRA for telemetry and coordination. A well-timed replay or injection could cause:

  • Power grid misrouting or shutdown commands.
  • Conflicting instructions to military units during an active operation.
  • False reports during natural disasters, delaying real responses.
  • Supply chain disruption through fake logistics commands.

Why Fixing This Is Difficult

Unlike typical software vulnerabilities, these flaws are embedded in protocol specifications and hardware firmware. Fixes require firmware updates across fleets of radios and sometimes even hardware replacement—both costly and logistically complex.

ETSI (the standards body) has issued mitigation guidance, but researchers note that true cryptographic redesign is needed for lasting security.

“We’re talking about decades-old cryptographic assumptions that no longer hold,” said Karim El Fadil, an independent telecom security auditor. “Some of these radios will never be updated because the organizations running them don’t even have an inventory of devices.”


Next Steps for Agencies

  1. Inventory all TETRA devices and record their firmware versions; match each against the vendor advisories to identify units that need patching or replacement.
  2. Restrict use of SDS commands to mission-critical operations, and do not let an SDS message alone trigger a control action, since nothing in the protocol authenticates it.
  3. Deploy an additional encryption and authentication layer where possible (for example an authenticated VPN over TETRA IP links), so that confidentiality and integrity do not rest on the TETRA layer alone.
  4. Monitor traffic for anomalies: frames that recur bit-for-bit (replays) and transmissions whose RF characteristics (timing, signal strength, direction) do not match known units.
  5. Prepare contingency communications plans for use if TETRA channels are compromised.
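
Step 4 can be partly automated on the content side. The following monitor, added here as an illustration and not a tool from the research or any vendor, hashes each captured frame per channel and raises an alert when the same bytes recur after more than a short grace period. It assumes the monitor sits where a replayed message is bit-for-bit identical to the original (for the E2EE replay this means seeing the E2EE payload rather than air-interface ciphertext whose keystream changes with the frame counter); the log format and the grace period for link-layer retransmissions are constructed assumptions.

```python
import hashlib
import re
from collections import defaultdict

# Constructed capture log (not real TETRA data): time in seconds, channel, frame bytes.
# The frames at t=400.25 and t=401.00 are bit-for-bit copies of earlier ones.
CAPTURE_LOG = """\
t=100.00 ch=A frame=0a1b2c3d4e5f60718293a4b5c6d7
t=100.06 ch=A frame=c6d7e8f90a1b2c3d4e5f60718293
t=160.50 ch=B frame=11223344556677889900aabbccdd
t=400.25 ch=A frame=0a1b2c3d4e5f60718293a4b5c6d7
t=401.00 ch=B frame=11223344556677889900aabbccdd
"""

LINE_RE = re.compile(r"t=(?P<t>[\d.]+) ch=(?P<ch>\S+) frame=(?P<frame>[0-9a-fA-F]+)")


def parse_line(line: str):
    """Parses one constructed log line; returns None for anything that does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {"t": float(m["t"]), "ch": m["ch"], "frame": bytes.fromhex(m["frame"])}


def find_replays(log: str, min_gap: float = 1.0) -> list:
    """Flags frames whose payload was already seen on the same channel more than
    min_gap seconds earlier. Repeats inside min_gap are treated as ordinary
    link-layer retransmissions (an assumption) and are not reported."""
    first_seen = defaultdict(dict)   # channel -> payload digest -> first timestamp
    alerts = []
    for line in log.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        digest = hashlib.sha256(rec["frame"]).hexdigest()[:16]
        earlier = first_seen[rec["ch"]].get(digest)
        if earlier is None:
            first_seen[rec["ch"]][digest] = rec["t"]
        elif rec["t"] - earlier >= min_gap:
            alerts.append({"ch": rec["ch"], "first_seen": earlier,
                           "replayed_at": rec["t"], "digest": digest})
    return alerts


if __name__ == "__main__":
    for alert in find_replays(CAPTURE_LOG):
        print(alert)
```

Running it over the constructed log yields one alert per channel (A at 400.25 s, B at 401.00 s). A monitor like this catches only exact replays; crafted injections (item 4 in the list of flaws) carry new bytes and need the RF-side checks named in step 4 or, better, per-message authentication in the protocol.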
Full research: midnightblue.nl/research/2tetra2burst

Source: The Hacker News
