Common Weakness Enumeration

CWE-330

Discouraged

Use of Insufficiently Random Values

Abstraction: Class · Status: Stable

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

446 vulnerabilities reference this CWE, most recent first.

GHSA-5FQV-MPJ8-H7GM

Vulnerability from github – Published: 2023-03-01 18:05 – Updated: 2024-09-30 19:44
VLAI
Summary
Lemur subject to insecure random generation
Details

Overview

Lemur was using insecure random generation for its example configuration file, as well as for some utilities.

Impact

The potentially affected generated items include:

Configuration item Config option name (if applicable) Documentation link (if applicable) Rotation option Code reference(s)
Flask session secret SECRET_KEY Flask documentation Generate a new secret and place in config; all existing sessions will be invalidated N/A, internal to Flask
Lemur token secret LEMUR_TOKEN_SECRET Lemur's configuration documentation Generate a new secret and place in config; all existing JWTs will be invalidated and must be regenerated (including API keys) 1, 2
Lemur database encryption key LEMUR_ENCRYPTION_KEYS Lemur's configuration documentation A new key can be generated and added to this list, but existing data encrypted with prior keys cannot be re-encrypted unless you write a custom re-encryption process 1
OAuth2 state token secret key OAUTH_STATE_TOKEN_SECRET Lemur's configuration documentation Generate a new secret and place in config 1
Randomly generated passphrases for openssl keystores N/A, generated at runtime but persisted N/A Re-export all openssl keystores and replace them wherever they're in use 1
Initial password for LDAP users N/A, generated at runtime but persisted N/A N/A, cannot be rotated* 1
Initial password for Ping/OAuth2 users N/A, generated at runtime but persisted N/A N/A, cannot be rotated* 1
Oauth2 nonce N/A, short-lived runtime secret N/A N/A, rotation is not required (these are short-lived) 1
Verisign certificate enrollment challenges N/A, short-lived runtime secret N/A N/A, rotation is not required (these are short-lived) 1

If your deployment of Lemur is using any of the above config secrets that were generated by Lemur's example config (i.e., generated using insecure randomness), you should rotate those config secrets. If you generated your config secrets in a more secure way, they are not known to be compromised, but you should still upgrade Lemur to ensure that you receive code fixes for the runtime-generated secrets.

For general information and guidance on Lemur secret configuration, see Lemur's configuration documentation, which includes information on many of the configuration options listed above.

*For the user passwords: Even though these users are configured to use SSO, they do get generated with valid database passwords that can be used to log in. Since Lemur doesn't have an option to change passwords (#3888), one option for rotating them would be to directly modify the value in the database to some other unguessable string (you do not need to know the plaintext password since it won't be used).

Patches

The patch is available in v1.3.2.

Workarounds

No workarounds are available.

References

N/A

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "lemur"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-30797"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-01T18:05:56Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Overview\nLemur was using insecure random generation for its example configuration file, as well as for some utilities.\n\n### Impact\nThe potentially affected generated items include:\n\n| Configuration item      | Config option name (if applicable) | Documentation link (if applicable) | Rotation option | Code reference(s) |\n| ----------- | ----------- | ----------- | ----------- |----------- |\n| Flask session secret      | `SECRET_KEY`       | [Flask documentation](https://flask.palletsprojects.com/en/2.2.x/config/#SECRET_KEY) | Generate a new secret and place in config; all existing sessions will be invalidated | N/A, internal to Flask |\n| Lemur token secret | `LEMUR_TOKEN_SECRET` | [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration) | Generate a new secret and place in config; all existing JWTs will be invalidated and must be regenerated (including API keys) | [1](https://github.com/Netflix/lemur/blob/1b61194a936240103f3c23299f9512c2b7e0fd36/lemur/auth/service.py#L79), [2](https://github.com/Netflix/lemur/blob/1b61194a936240103f3c23299f9512c2b7e0fd36/lemur/auth/service.py#L105) |\n| Lemur database encryption key | `LEMUR_ENCRYPTION_KEYS` | [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration) | A new key can be generated and added to this list, but existing data encrypted with prior keys cannot be re-encrypted unless you write a custom re-encryption process | [1](https://github.com/Netflix/lemur/blob/3783fbeaa1645bbee022827f4f53ffb12dd65a61/lemur/utils.py#L58) |\n| OAuth2 state token secret key | `OAUTH_STATE_TOKEN_SECRET` | [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration) | Generate a new secret and place in config | [1](https://github.com/Netflix/lemur/blob/4b03baaf5544f167e78055bab15a903b1badf22b/lemur/auth/views.py#L267) |\n| Randomly generated passphrases for openssl keystores | N/A, generated at runtime but persisted |N/A | Re-export all openssl keystores and replace them wherever they\u0027re in use | [1](https://github.com/Netflix/lemur/blob/2603776e5c0ac25fa0103ff1357dea391d880160/lemur/plugins/lemur_openssl/plugin.py#L129) |\n| Initial password for LDAP users | N/A, generated at runtime but persisted | N/A | N/A, cannot be rotated* | [1](https://github.com/Netflix/lemur/blob/3783fbeaa1645bbee022827f4f53ffb12dd65a61/lemur/auth/ldap.py#L66) |\n| Initial password for Ping/OAuth2 users | N/A, generated at runtime but persisted |N/A | N/A, cannot be rotated* | [1](https://github.com/Netflix/lemur/blob/4b03baaf5544f167e78055bab15a903b1badf22b/lemur/auth/views.py#L234) |\n| Oauth2 nonce | N/A, short-lived runtime secret |N/A | N/A, rotation is not required (these are short-lived) | [1](https://github.com/Netflix/lemur/blob/4b03baaf5544f167e78055bab15a903b1badf22b/lemur/auth/views.py#L668) |\n| Verisign certificate enrollment challenges | N/A, short-lived runtime secret | N/A | N/A, rotation is not required (these are short-lived) | [1](https://github.com/Netflix/lemur/blob/d4af5af99cd51016579f015d79df649c68a6ad15/lemur/plugins/lemur_verisign/plugin.py#L107) |\n\nIf your deployment of Lemur is using any of the above config secrets that were _generated by Lemur\u0027s example config_ (i.e., generated using insecure randomness), you should rotate those config secrets. If you generated your config secrets in a more secure way, they are not known to be compromised, but you should still upgrade Lemur to ensure that you receive code fixes for the runtime-generated secrets.\n\nFor general information and guidance on Lemur secret configuration, see [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration), which includes information on many of the configuration options listed above.\n\n*For the user passwords: Even though these users are configured to use SSO, they do get generated with valid database passwords that can be used to log in. Since Lemur doesn\u0027t have an option to change passwords (#3888), one option for rotating them would be to directly modify the value in the database to some other unguessable string (you do not need to know the plaintext password since it won\u0027t be used).\n\n### Patches\nThe patch is available in v1.3.2.\n\n### Workarounds\nNo workarounds are available.\n\n### References\nN/A",
  "id": "GHSA-5fqv-mpj8-h7gm",
  "modified": "2024-09-30T19:44:46Z",
  "published": "2023-03-01T18:05:56Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Netflix/lemur/security/advisories/GHSA-5fqv-mpj8-h7gm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30797"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Netflix/lemur/issues/3888"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Netflix/lemur/commit/666d853212174ee7f4e6f8b3b4b389ede1872238"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Netflix/lemur"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2023-001.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/lemur/PYSEC-2023-20.yaml"
    },
    {
      "type": "WEB",
      "url": "https://vulncheck.com/advisories/netflix-lemur-weak-rng"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Lemur subject to insecure random generation"
}

GHSA-5G5J-X767-23R3

Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-05-24 19:14
VLAI
Details

A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU 3000 family (All versions). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-37186"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-14T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in LOGO! CMR2020 (All versions \u003c V2.2), LOGO! CMR2040 (All versions \u003c V2.2), SIMATIC RTU 3000 family (All versions). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.",
  "id": "GHSA-5g5j-x767-23r3",
  "modified": "2022-05-24T19:14:30Z",
  "published": "2022-05-24T19:14:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37186"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-316383.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5GWV-WW26-4RHF

Vulnerability from github – Published: 2023-08-04 00:30 – Updated: 2024-04-04 06:33
VLAI
Details

Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000 and prior allows a remote unauthenticated attacker to hijack data connections (session hijacking) or prevent legitimate users from establishing data connections (to cause DoS condition) by guessing the listening port of the data connection on FTP server and connecting to it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3373"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-342"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-04T00:15:14Z",
    "severity": "CRITICAL"
  },
  "details": "Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000 and prior allows a remote unauthenticated attacker to hijack data connections (session hijacking) or prevent legitimate users from establishing data connections (to cause DoS condition) by guessing the listening port of the data connection on FTP server and connecting to it.",
  "id": "GHSA-5gwv-ww26-4rhf",
  "modified": "2024-04-04T06:33:33Z",
  "published": "2023-08-04T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3373"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU92167394/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-01"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-006_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5HC4-W525-FJV3

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19
VLAI
Details

On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulnerability only affects Windows installers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22038"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-29T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulnerability only affects Windows installers.",
  "id": "GHSA-5hc4-w525-fjv3",
  "modified": "2022-05-24T19:19:14Z",
  "published": "2022-05-24T19:19:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22038"
    },
    {
      "type": "WEB",
      "url": "https://blog.installbuilder.com/2021/10/installbuilder-2160-released.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5M6V-343G-PR27

Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:29
VLAI
Details

In FNET 4.6.3, TCP ISNs are improperly random.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27633"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-10T17:15:10Z",
    "severity": "CRITICAL"
  },
  "details": "In FNET 4.6.3, TCP ISNs are improperly random.",
  "id": "GHSA-5m6v-343g-pr27",
  "modified": "2024-04-04T08:29:54Z",
  "published": "2023-10-10T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27633"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5V9V-HVFP-8RMV

Vulnerability from github – Published: 2024-06-11 12:31 – Updated: 2024-06-11 12:31
VLAI
Details

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices are using a predictable IP ID sequence number. This leaves the system susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack and eventually could allow an attacker to create a denial of service condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35292"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-11T12:15:18Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices are using a predictable IP ID sequence number. This leaves the system susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack and eventually could allow an attacker to create a denial of service condition.",
  "id": "GHSA-5v9v-hvfp-8rmv",
  "modified": "2024-06-11T12:31:02Z",
  "published": "2024-06-11T12:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35292"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-481506.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5WG5-MF39-8MH8

Vulnerability from github – Published: 2025-12-10 09:30 – Updated: 2026-05-28 15:39
VLAI
Details

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478.146 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13955"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-10T09:15:46Z",
    "severity": "CRITICAL"
  },
  "details": "Predictable default Wi-Fi Password in Access Point functionality in\u00a0EZCast Pro II version 1.17478.146\u00a0allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers",
  "id": "GHSA-5wg5-mf39-8mh8",
  "modified": "2026-05-28T15:39:37Z",
  "published": "2025-12-10T09:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13955"
    },
    {
      "type": "WEB",
      "url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/cvd-cases/cvd-case-1-test.html"
    },
    {
      "type": "WEB",
      "url": "https://www.nimbletech.com.tw/index.php/release-note"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:L/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5WM2-V84Q-JW9V

Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:29
VLAI
Details

An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. While the ISN generator seems to adhere to RFC 793 (where a global 32-bit counter is incremented roughly every 4 microseconds), proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27213"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-10T17:15:10Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. While the ISN generator seems to adhere to RFC 793 (where a global 32-bit counter is incremented roughly every 4 microseconds), proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.",
  "id": "GHSA-5wm2-v84q-jw9v",
  "modified": "2024-04-04T08:29:45Z",
  "published": "2023-10-10T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27213"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks"
    },
    {
      "type": "WEB",
      "url": "http://lists.egnite.de/mailman/listinfo/en-nut-announce"
    },
    {
      "type": "WEB",
      "url": "http://www.ethernut.de/en/download/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5WWR-75FF-WP92

Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50
VLAI
Details

POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass any POSIM EVO login prompt.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-15807"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-23T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "POSIM EVO 15.13 for Windows includes an \"Emergency Override\" administrative account that may be accessed through POSIM\u0027s \"override\" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass any POSIM EVO login prompt.",
  "id": "GHSA-5wwr-75ff-wp92",
  "modified": "2022-05-13T01:50:13Z",
  "published": "2022-05-13T01:50:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15807"
    },
    {
      "type": "WEB",
      "url": "https://versprite.com/advisories/posim-evo-for-windows"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-62F9-2V42-4H92

Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2022-05-13 01:07
VLAI
Details

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-0729"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-05T23:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka \u0027Azure IoT Java SDK Elevation of Privilege Vulnerability\u0027.",
  "id": "GHSA-62f9-2v42-4h92",
  "modified": "2022-05-13T01:07:56Z",
  "published": "2022-05-13T01:07:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0729"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106966"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design
  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Implementation

Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.

Mitigation MIT-2
Architecture and Design Requirements

Strategy: Libraries or Frameworks

Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-485: Signature Spoofing by Key Recreation

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.