Tag Archives: CWE- 1241

CWE-1241 – Use of Predictable Algorithm in Random Number Generator

Read Time:20 Second

Description

The device uses an algorithm that is predictable and generates a pseudo-random number.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-330

 

Consequences

Confidentiality: Read Application Data

 

Potential Mitigations

Phase: Architecture and Design

Description: 

A true random number generator should be specified for cryptographic algorithms.

Phase: Implementation

Description: 

A true random number generator should be implemented for cryptographic algorithms.

CVE References