Unrated severityNVD Advisory· Published Dec 13, 2015· Updated May 6, 2026

CVE-2015-6418

Description

The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.

Affected products

Cisco Systems, Inc./Rv016 Multi Wan VPN Firmware3 versions
cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*
Cisco Systems, Inc./Rv042 Dual Wan VPN Router Firmware
cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*
Cisco Systems, Inc./Rv042g Dual Gigabit Wan VPN Firmware3 versions
cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*
Cisco Systems, Inc./Rv082 Dual Wan VPN Router Firmware2 versions
cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*
Cisco Systems, Inc./Sa520
cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*
Cisco Systems, Inc./Sa520w
cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*
Cisco Systems, Inc./Sa540
cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000