Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure.
References
Configurations
No configuration.
History
06 Nov 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-338 |
13 Aug 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-13 17:15
Updated : 2024-11-06 16:35
NVD link : CVE-2023-31305
Mitre link : CVE-2023-31305
CVE.ORG link : CVE-2023-31305
JSON object : View
Products Affected
No product.
CWE
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)