Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.
References
Link | Resource |
---|---|
https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/ | Exploit Third Party Advisory |
Configurations
History
16 Sep 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation. |
09 Aug 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation. |
07 Jul 2023, 19:14
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-335 |
Information
Published : 2022-01-20 12:15
Updated : 2024-09-16 19:15
NVD link : CVE-2021-34600
Mitre link : CVE-2021-34600
CVE.ORG link : CVE-2021-34600
JSON object : View
Products Affected
telenot
- compasx
CWE
CWE-335
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)