Vulnerabilities > CVE-2014-2362 - Predictable Random Number Generator vulnerability in Oleumtech products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
PARTIAL Availability impact
NONE network
oleumtech
Summary
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation. <a href="http://cwe.mitre.org/data/definitions/338.html" target="_blank">CWE-338: CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 |