
Cybersecurity researchers have discovered new security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including a unique end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks and even allows encrypted traffic to be decrypted.
The vulnerabilities, collectively named 2TETRA:2BURST, were presented last week at the Black Hat USA security conference by Midnight Blue researchers Carlo Meijer, Wouter Bokslag and Jos Wetzels.
TETRA is a European mobile radio standard widely used by law enforcement, the military, transportation, utilities, and critical infrastructure operators. Developed by the European Telecommunications Standards Institute (ETSI), it includes four encryption algorithms: TEA1, TEA2, TEA3 and TEA4.
The disclosure comes more than two years after the Dutch cybersecurity company disclosed a set of security vulnerabilities in the TETRA standard called TETRA:BURST, including what was described as an “intentional backdoor” that could be exploited to leak sensitive information.

The newly discovered problems relate to packet injection in TETRA and to an inadequate fix for one of the five TETRA:BURST flaws, CVE-2022-24401. The identified issues are listed below –
CVE-2025-52940 – TETRA end-to-end encrypted audio streams are vulnerable to replay attacks. Additionally, an attacker without knowledge of the key may inject an arbitrary audio stream that is indistinguishable from genuine traffic to legitimate call recipients.
CVE-2025-52941 – TETRA end-to-end encryption algorithm ID 135 refers to a deliberately weakened AES-128 implementation that reduces the effective traffic key entropy from 128 bits to 56 bits, making it vulnerable to brute-force attacks.
CVE-2025-52942 – End-to-end encrypted TETRA SDS messages lack replay protection, allowing arbitrary replay of messages to humans or machines.
CVE-2025-52943 – TETRA networks that support multiple air interface encryption algorithms are vulnerable to key recovery attacks, as the SCK/CCK network key is the same across all supported algorithms. If TEA1 is supported, an attacker can decrypt or inject TEA2 or TEA3 traffic using the easily recovered TEA1 key (CVE-2022-24402).
CVE-2025-52944 – The TETRA protocol lacks message authentication, so arbitrary messages such as voice or data can be injected.
MBPH-2025-001 – The ETSI fix for CVE-2022-24401 is ineffective in preventing keystream recovery attacks (no CVE assigned; placeholder identifier).
Midnight Blue states that the impact of 2TETRA:2BURST depends on the use case and configuration of a particular TETRA network, and that networks using TETRA for its data-carrying capacity are particularly susceptible to packet injection attacks, which allow attackers to intercept radio communications and inject malicious data traffic.
“A voice replay or injection scenario (CVE-2025-52940) can cause confusion among legitimate users. This can be used as amplification for large-scale attacks,” the company says. “TETRA E2EE users (and those who don’t use Sepura Embedded E2EE either) should verify that they are using a weakened 56-bit variant (CVE-2025-52941) anyway.”
“Downlink traffic injection is usually possible using plain text traffic, as we found that radios accept and handle unencrypted downlink traffic even in encrypted networks. For uplink traffic injection, we need to recover the keystream.”
There is no evidence that these vulnerabilities are being exploited in the wild. That said, except for MBPH-2025-001, there are no patches that address the shortcomings.
Mitigations for the other flaws are listed below –
CVE-2025-52940, CVE-2025-52942 – Scrutinize, and migrate to a secure E2EE solution
CVE-2025-52941 – Migrate to the non-weakened E2EE variant
CVE-2025-52943 – Disable TEA1 support and rotate all AIE keys
CVE-2025-52944 – Use a TLS/VPN layer on top of TETRA
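The two properties behind CVE-2025-52944 (no message authentication) and CVE-2025-52940/CVE-2025-52942 (no replay protection) are exactly what a "secure E2EE solution" or a TLS/VPN layer on top of TETRA supplies at the application layer. The following is an added illustration written for this article; it is not TETRA standard code and not Midnight Blue's tooling. The frame format (8-byte sequence number, payload, truncated HMAC-SHA256 tag), the sliding-window size and the demo key are all assumptions, and the example covers integrity and anti-replay only, not confidentiality.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16          # truncated HMAC-SHA256 tag (assumption of this example)
SEQ_LEN = 8           # 64-bit big-endian sequence number

# Constructed demo key; not a real TETRA or E2EE key.
DEMO_KEY = hashlib.sha256(b"constructed demo key for illustration only").digest()


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build an authenticated frame: seq || payload || tag.

    The tag covers the sequence number as well as the payload, so a
    captured frame cannot be re-tagged with a fresh sequence number
    without the key.
    """
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Verifies each frame's tag, then enforces a sliding anti-replay window.

    The window logic follows the same idea as IPsec/DTLS replay windows;
    the default window size is an assumption, not a standard value.
    """

    def __init__(self, key: bytes, window: int = 64) -> None:
        self.key = key
        self.window = window
        self.highest = -1      # highest sequence number accepted so far
        self.seen = set()      # accepted sequence numbers still inside the window

    def accept(self, frame: bytes):
        """Return (payload, "ok") or (None, reason) for a rejected frame."""
        if len(frame) < SEQ_LEN + TAG_LEN:
            return None, "malformed"
        header = frame[:SEQ_LEN]
        payload = frame[SEQ_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]

        # 1. Authenticate first, in constant time: tampered or unkeyed
        #    frames never reach the replay logic.
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None, "bad_tag"

        # 2. Anti-replay: reject anything older than the window or already seen.
        seq = struct.unpack(">Q", header)[0]
        if seq <= self.highest - self.window:
            return None, "stale"
        if seq in self.seen:
            return None, "replay"

        self.seen.add(seq)
        if seq > self.highest:
            self.highest = seq
            # Forget bookkeeping for sequence numbers that left the window.
            self.seen = {s for s in self.seen if s > self.highest - self.window}
        return payload, "ok"


def demo() -> list:
    """Run the scenarios from the article against one receiver and return
    the verdict for each, in order."""
    rx = Receiver(DEMO_KEY, window=4)
    verdicts = []

    genuine = protect(DEMO_KEY, 1, b"SDS: unit 12 proceed to checkpoint A")  # constructed
    verdicts.append(rx.accept(genuine)[1])            # fresh, authentic -> ok

    verdicts.append(rx.accept(genuine)[1])            # same frame again -> replay

    tampered = bytearray(genuine)
    tampered[SEQ_LEN] ^= 0x01                         # flip one payload bit
    verdicts.append(rx.accept(bytes(tampered))[1])    # integrity failure -> bad_tag

    unkeyed = protect(b"\x00" * 32, 2, b"SDS: unit 12 stand down")  # sender lacks the key
    verdicts.append(rx.accept(unkeyed)[1])            # wrong key -> bad_tag

    verdicts.append(rx.accept(protect(DEMO_KEY, 100, b"late but fresh"))[1])  # ok
    verdicts.append(rx.accept(protect(DEMO_KEY, 90, b"old"))[1])              # stale
    verdicts.append(rx.accept(protect(DEMO_KEY, 98, b"within window"))[1])    # ok
    return verdicts


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The ordering inside `accept` matters: the tag is checked before any replay state is touched, so unauthenticated traffic (the downlink plaintext case the researchers describe) cannot disturb the window, and a replayed frame is rejected even though its tag is valid.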
“When operating or using a TETRA network, you are certain to be affected by CVE-2025-52944. This shows that malicious traffic can be injected into the TETRA network even with authentication and/or encryption enabled.”
“Also, CVE-2022-24401 will likely affect you, as it allows enemies to collect keystreams for violations of confidentiality or integrity. If you operate a multi-cipher network, CVE-2025-52943 poses a serious security risk.”

In a statement shared with Wired, ETSI said the E2EE mechanism used in TETRA-based radios is not part of the ETSI standard, adding that it was developed by The Critical Communications Association (TCCA) Security and Fraud Prevention Group (SFPG). ETSI also noted that buyers of TETRA-based radios are free to deploy other solutions for E2EE over the radio.
The findings also coincide with the discovery of three flaws in Sepura mobile TETRA radios that allow attackers with physical access to the device to achieve arbitrary code execution –
CVE-2025-52945 – Flaw in file management restrictions
CVE-2025-8458 – Insufficient key entropy for SD card encryption
MBPH-2025-003 – Extractable TETRA and TETRA E2EE key material, except for the device-specific key K (no CVE assigned; placeholder identifier)
Patches for CVE-2025-52945 and CVE-2025-8458 are expected to be available in the third quarter of 2025, and users are recommended to implement a hardened TETRA key management policy. MBPH-2025-003, on the other hand, cannot be fixed due to architectural restrictions.
“The vulnerability allows attackers to obtain code execution on Sepura Gen 3 devices,” the company said. “Attack scenarios featuring CVE-2025-8458 involve persistent code execution through access to the device’s SD card. The exploitation of CVE-2025-52945 is even easier, as it only requires easy access to the device’s PEI connector.”
“From the premise of code execution, multiple attack scenarios can be performed, including removing the TETRA key material (MBPH-2025-003) and persistent backdoor embedding into wireless firmware. This will result in a loss of the confidentiality and integrity of the TETRA communication.”