VYPR

CWE-1241

Use of Predictable Algorithm in Random Number Generator

BaseDraft

Description

The device uses an algorithm that is predictable and generates a pseudo-random number.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-97

CVEs mapped to this weakness (6)

  • CVE-2016-10180HigJan 30, 2017
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.

  • CVE-2026-6420MedMay 6, 2026
    risk 0.34cvss 6.3epss 0.00

    A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module (TPM) quote attestation…

  • CVE-2025-13079MedFeb 19, 2026
    risk 0.34cvss 5.3epss 0.00

    The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data.…

  • CVE-2025-32056MedJan 22, 2026
    risk 0.26cvss 4.0epss 0.00

    The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. …

  • CVE-2021-4240Nov 15, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been…

  • CVE-2021-4241Nov 15, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to…