Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.
The product does not validate or incorrectly validates the integrity check values or “checksums” of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tetra:burst | Midnightblue | - (including) | - (including) |