The APCO P25 protocol contains a flaw that may allow a remote denial of service. The issue is triggered when an unauthenticated “inhibit” extended function command (XFC) is directed towards a legitimate radio device and causing them to become disabled, resulting in the loss of availability of a radio device.

Currently, there are no known upgrades or patches to correct this vulnerability. It is possible to temporarily work around the flaw by implementing the following workaround: Some manufacturers allow for radios to be configured to ignore inhibit commands. This is often a configuration option that can be set for each MR using the equipment’s programming interface. Allowing inhibit to be disabled is intended to mitigate the threat of DoS attacks but does so at the cost of negating the anti-theft measure.

Unknown or Incomplete

• Related OSVDB ID: 81973 81975 81976
• Mail List Post: http://news.infracritical.com/pipermail/scadasec/2011-September/003722.html
• News Article: http://tech.slashdot.org/story/11/09/10/1539217/Security-Researchers-Crack-APCO-P25-Encryption
• Generic Informational URL: http://www.apco911.org/frequency/project25.php
  http://www.apcoaust.com.au/2012/presentations/2012APCOA_Stephen_Glass.pdf
• Other Advisory URL: http://www.nicta.com.au/pub?doc=5076

Unknown or Incomplete

NVD does not currently have a CVSSv2 score assigned.