CWE-1241 — Vulnerability Class 6

6 vulnerabilities classified as CWE-1241. AI Chinese analysis included.

CWE-1241 is a cryptographic weakness in which software (or hardware) generates pseudo-random numbers with a predictable algorithm. A PRNG has a finite internal state, so its output sequence must eventually repeat; more importantly, if the algorithm is not designed to hide that state, an attacker who observes enough output can reconstruct the state and compute every future value. That predictability undermines anything built on the numbers: session identifiers, tokens, nonces and keys can be forged, enabling session hijacking and unauthorized access. To mitigate this risk, developers must not use non-cryptographic library generators such as `rand()` for security-relevant values. They should instead use a cryptographically secure pseudo-random number generator (CSPRNG) seeded from unpredictable entropy sources. Note that a CSPRNG also has finite state; what distinguishes it is that its output reveals nothing computationally useful about that state, so observing past values gives no advantage in predicting future ones.

MITRE CWE Description
The device uses an algorithm that is predictable and generates a pseudo-random number. Pseudo-random number generator algorithms are predictable because their registers have a finite number of possible states, which eventually lead to repeating patterns. As a result, pseudo-random number generators (PRNGs) can compromise their randomness or expose their internal state to various attacks, such as reverse engineering or tampering.
Common Consequences (1)
Scope: Confidentiality. Impact: Read Application Data.
Mitigations (2)
Phases: Architecture and Design; Implementation. It is highly recommended to use a true random number generator (TRNG) to ensure the security of encryption schemes. Hardware-based TRNGs generate unpredictable, unbiased, and independent random numbers because they employ physical phenomena, e.g., electrical noise, as sources to generate random numbers.
Examples (2)
Suppose a cryptographic function expects a random value to be supplied to the crypto algorithm.
The example code is taken from the PRNG inside the buggy OpenPiton SoC of HACK@DAC'21 [REF-1370]. The SoC implements a pseudo-random number generator using a Linear Feedback Shift Register (LFSR).
Bad (Verilog):

    reg in_sr, entropy16_valid;
    reg [15:0] entropy16;                 // 16-bit LFSR state: only 2^16 possible values
    assign entropy16_o = entropy16;       // the raw register contents are exposed as the output
    assign entropy16_valid_o = entropy16_valid;
    always @ (*) begin
      // feedback bit: XOR-reduction of the state bits selected by poly_i
      in_sr = ^ (poly_i [15:0] & entropy16 [15:0]);
    end
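The following Python model makes the weakness described above concrete. It is an added example, not code from MITRE or from the HACK@DAC'21 OpenPiton design: it reproduces the Verilog feedback `in_sr = ^(poly_i & entropy16)` and then assumes the register shifts left by one with `in_sr` entering at bit 0 (the snippet omits the shift itself), that an observer sees bit 15 on each clock, and that the tap mask is the constructed value 0xB400 (a maximal-length polynomial, not the design's actual `poly_i`). With these assumptions it shows both halves of the CWE text: the state space is finite (the register cycles after at most 2^16 - 1 clocks, and locks up forever if it ever reaches zero), and sixteen consecutive output bits are enough to rebuild the register and predict all later output. The `secure_token` helper shows the mitigation the page recommends, drawing from the operating system's CSPRNG instead.

```python
"""Model of the 16-bit Fibonacci LFSR from the CWE-1241 Verilog example.

Assumptions (not in the original snippet): the register shifts left by one per
clock with the feedback bit entering at bit 0, bit 15 is what an observer sees,
and the tap mask POLY is a constructed maximal-length value, not the real poly_i.
"""
import secrets

WIDTH = 16
MASK = (1 << WIDTH) - 1
POLY = 0xB400  # constructed: taps at bits 15, 13, 12 and 10


def parity(x: int) -> int:
    """XOR-reduce all bits of x, as Verilog's unary ^ operator does."""
    return bin(x).count("1") & 1


def lfsr_step(state: int, poly: int = POLY) -> int:
    """One clock: in_sr = ^(poly & state); shift left, in_sr enters at bit 0."""
    in_sr = parity(poly & state)
    return ((state << 1) | in_sr) & MASK


def lfsr_output_bits(seed: int, n: int, poly: int = POLY) -> list[int]:
    """Output bit 15 of the register for n clocks, starting from seed."""
    bits, state = [], seed
    for _ in range(n):
        bits.append(state >> (WIDTH - 1))
        state = lfsr_step(state, poly)
    return bits


def lfsr_period(seed: int, poly: int = POLY) -> int:
    """Clocks until the register returns to seed. Finite by construction:
    at most 2**16 - 1 for a nonzero seed, and exactly 1 for seed 0, which
    feeds back 0 forever (the classic LFSR lock-up state)."""
    state = lfsr_step(seed, poly)
    period = 1
    while state != seed:
        state = lfsr_step(state, poly)
        period += 1
    return period


def recover_state(observed: list[int]) -> int:
    """Rebuild the register from 16 consecutive output bits.
    Bit 15 at clock t was bit 14 at clock t-1, so the first 16 outputs are
    simply the seed's bits 15 down to 0 in order: no search required."""
    state = 0
    for b in observed[:WIDTH]:
        state = (state << 1) | b
    return state


def predict_next(observed: list[int], n: int, poly: int = POLY) -> list[int]:
    """Given 16 observed output bits, predict the following n output bits."""
    state = recover_state(observed)
    for _ in range(WIDTH):
        state = lfsr_step(state, poly)  # advance past the observed window
    return lfsr_output_bits(state, n, poly)


def secure_token(nbytes: int = 16) -> bytes:
    """Mitigation: draw from the OS CSPRNG; output reveals nothing about state."""
    return secrets.token_bytes(nbytes)


if __name__ == "__main__":
    seed = 0xACE1  # constructed sample seed
    stream = lfsr_output_bits(seed, 64)
    print("period from seed:", lfsr_period(seed))
    print("recovered state matches seed:", recover_state(stream[:16]) == seed)
    print("prediction matches real output:", predict_next(stream[:16], 48) == stream[16:])
    print("CSPRNG token:", secure_token().hex())
```

The period check is what the MITRE text means by "a finite number of possible states": no matter how good the polynomial, the sequence is bounded by the register width. The recovery check is the practical consequence: because the design exposes raw register bits, reconstructing the state costs one register-width of observations, after which every future "random" value is known.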

Vulnerabilities classified as CWE-1241 represent 6 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.