InfoSecBulletin Cybersecurity for mankind
Researchers have discovered that TETRA, a radio technology used by critical infrastructure authorities, port administrations, and police forces, has many serious bugs. These bugs can be exploited by attackers to gain control of the communications.
TETRA, the trunked radio system utilized by law enforcement, the military, critical infrastructure, and industrial companies, has at least five bugs. These bugs make the system vulnerable to different attacks.
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
The use of trunked radio systems enables computer-managed communication, ensuring a constant availability of open channels. The system is preferred by organizations that value speed, operate remotely, or need uninterrupted communication, because it has a longer range and requires fewer base stations.
TETRA, a system that has been in use since 1995, has never undergone comprehensive security research, as stated by cyber security firm Midnight Blue. The analysis conducted by Midnight Blue, named TETRA:BURST, has uncovered a multitude of methods that attackers could potentially utilize to exploit the system.
TETRA is used worldwide to control critical infrastructure, including high-voltage distribution boxes, oil and gas pipelines, and railway safety devices. TETRA is widely utilized for infrastructure purposes in several countries, including Germany, France, and Spain, among others. Those countries may now be at risk of sabotage.
“The results of research are serious,” says Bart Jacobs, professor of computer security at Radboud University Nijmegen. “It is serious for the government, but also for the business community. It concerns vital infrastructure whose functioning can be affected by serious attacks.”
Two of them, tracked as CVE-2022-24401 and CVE-2022-24402, are considered critical. The second bug allows attackers to brute force hardware within minutes.
Two of the remaining three, CVE-2022-24404 and CVE-2022-24403, are of high severity, with the last one, CVE-2022-24400, having a severity level.
Police C2000 network
The second major vulnerability in TETRA can be used to crack our emergency services’ C2000 network. It uses a different kind of TETRA technology, but it can still be tapped by attackers, such as criminal organizations and malicious foreign governments, the researchers warn.
The investigation, called TETRA:BURST, has lasted more than a year. Recently, the researchers have been busy informing affected organizations of the vulnerabilities. That is not easy: many companies in the critical infrastructure do not respond to their e-mails, the researchers say, and are therefore still at risk.
Source: nltimes, cybernews, hackernews
