Action not permitted
Modal body text goes here.
Modal Title
Modal Body
tid-317
Vulnerability from emb3d
Type
Description
If the device does not generate sufficiently random cryptographic primitives, a threat actor could predict or brute-force guess a key to either gain unauthorized access to the device or decrypt a connection. Cryptographic keys that are not generated with random “seed” information, including from Pseudo-Random Number Generators (PRNG), will lack sufficient entropy. For example, researchers have demonstrated that a large number of Internet exposed devices with TLS or SSH services utilized the same RSA moduli, which could be then used to determine the device’s private key and then used to remotely authenticate with the device.
CWE
- CWE-331: Insufficient Entropy (Base)
- CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (Base)
CVE-2012-4898 (GCVE-0-2012-4898)
Vulnerability from cvelistv5
Published
2012-12-18 11:00
Modified
2025-07-09 16:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE 331
Summary
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-297-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mesh OS",
"vendor": "Tropos",
"versions": [
{
"lessThan": "7.9.1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "research group composed of Nadia Heninger (University of California at San Diego), Zakir Durumeric (University of Michigan), Eric Wustrow (University of Michigan), and J. Alex Halderman (University of Michigan)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere.\u003c/p\u003e"
}
],
"value": "Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:P/A:N",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 331",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-09T16:22:48.905Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-297-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Tropos Networks has released customer notification and an update (Tropos\n Mesh OS 7.9.1.1) for its network device embedded software. This update \ncan be downloaded from the Tropos software download page. Download of \nthe update requires a valid user name and password. The updated firmware\n fixes the vulnerability by using sufficient entropy to generate unique \nSSH host keys.\n\n\u003cbr\u003e"
}
],
"value": "Tropos Networks has released customer notification and an update (Tropos\n Mesh OS 7.9.1.1) for its network device embedded software. This update \ncan be downloaded from the Tropos software download page. Download of \nthe update requires a valid user name and password. The updated firmware\n fixes the vulnerability by using sufficient entropy to generate unique \nSSH host keys."
}
],
"source": {
"advisory": "ICSA-12-297-01",
"discovery": "EXTERNAL"
},
"title": "Tropos Wireless Mesh Routers Insufficient Entropy",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2012-4898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-297-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-297-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2012-4898",
"datePublished": "2012-12-18T11:00:00Z",
"dateReserved": "2012-09-12T00:00:00Z",
"dateUpdated": "2025-07-09T16:22:48.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43485 (GCVE-0-2022-43485)
Vulnerability from cvelistv5
Published
2023-05-30 16:19
Modified
2025-01-09 21:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-330 - Use of Insufficiently Random Values
Summary
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Honeywell | OneWireless |
Version: 322.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:58.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://process.honeywell.com/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T21:26:48.252024Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T21:27:01.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OneWireless",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "322.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUse of Insufficiently Random Values in Honeywell OneWireless. This vulnerability\u0026nbsp;may allow attacker to manipulate claims in client\u0027s JWT token.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects OneWireless version 322.1\u003c/span\u003e"
}
],
"value": "\nUse of Insufficiently Random Values in Honeywell OneWireless. This vulnerability\u00a0may allow attacker to manipulate claims in client\u0027s JWT token.\u00a0This issue affects OneWireless version 322.1"
}
],
"impacts": [
{
"capecId": "CAPEC-39",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-39 Manipulating Opaque Client-based Data Tokens"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T16:19:24.146Z",
"orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"shortName": "Honeywell"
},
"references": [
{
"url": "https://process.honeywell.com/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure random number used for generating keys for signing Jwt tokens",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"assignerShortName": "Honeywell",
"cveId": "CVE-2022-43485",
"datePublished": "2023-05-30T16:19:24.146Z",
"dateReserved": "2022-11-30T20:26:18.642Z",
"dateUpdated": "2025-01-09T21:27:01.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…