TETRA E2EE replay, brute-force, and message-injection flaws (multiple vulnerabilities)
Vulnerability
Summary
Researchers disclosed 2TETRA:2BURST, a newly identified set of flaws in TETRA and its proprietary E2EE that can enable replay, brute-force, key-recovery, and message-injection attacks. The issues span CVE-2025-52940 through CVE-2025-52944 and can let attackers forge voice and data traffic. The affected protocol is used by law enforcement, military, transportation, utilities, and other critical infrastructure operators. There is no evidence of exploitation in the wild, and remediation is mainly limited to mitigations rather than broad patches.
Related Happenings
Digiever DS-2105 Pro active exploitation wave (CVE-2023-52163)
Exploitation Wave
First: 25.12.2025 10:07
Last: 25.12.2025 10:07
Sources 1
About this happening:
**CVE-2023-52163** is being exploited at scale against **Digiever DS-2105 Pro NVRs**, with multiple reports linking abuse to **Mirai** and **ShadowV2** botnet delivery. The flaw i...
Timeline
- 11.08.2025 19:32 · 1 article
  Midnight Blue discloses 2TETRA:2BURST flaws in TETRA E2EE
  Initial Disclosure
  Midnight Blue disclosed 2TETRA:2BURST at Black Hat USA, identifying CVE-2025-52940 through CVE-2025-52944 in TETRA's proprietary E2EE and protocol handling. The issues include replayable voice streams, unauthenticated SDS message replay, a deliberately weakened AES-128 variant with 56-bit effective entropy, key-recovery exposure across multi-cipher networks, and arbitrary voice and data injection. The disclosure also said ETSI's fix for CVE-2022-24401 does not stop keystream recovery and noted separate Sepura SC20 series flaws, including CVE-2025-52945 and CVE-2025-8458, that can enable unauthorized code execution and key-material exfiltration.
Sources
- New TETRA Radio Encryption Flaws Expose Law Enforcement Communications — thehackernews.com — 11.08.2025 19:32