CWE-330
DiscouragedUse of Insufficiently Random Values
Abstraction: Class · Status: Stable
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
446 vulnerabilities reference this CWE, most recent first.
GHSA-PPWX-5JQ7-PX2W
Vulnerability from github – Published: 2026-02-26 19:35 – Updated: 2026-02-26 19:35Summary
Fleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if the approximate time the device was locked is known.
Impact
Fleet’s device lock and wipe commands generate a 6-digit PIN that is displayed to administrators for unlocking a device. In affected versions, this PIN was deterministically derived from the current timestamp.
An attacker with physical possession of a locked device and knowledge of the approximate time the lock command was issued could theoretically predict the correct PIN within a limited search window.
However, successful exploitation is constrained by multiple factors: - Physical access to the device is required. - The approximate lock time must be known. - The operating system enforces rate limiting on PIN entry attempts. - Attempts would need to be spread over multiple days. - Device wipe operations would typically complete before sufficient attempts could be made.
As a result, this issue does not allow remote exploitation, fleet-wide compromise, or bypass of Fleet authentication controls.
Workarounds
There are no known workarounds for this issue. Customers should upgrade to a patched version.
For more information
If there are any questions or comments about this advisory:
Email Fleet at security@fleetdm.com Join #fleet in osquery Slack
Credits
Fleet thanks @secfox-ai for responsibly reporting this issue.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/fleetdm/fleet/v4"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.80.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-23999"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-26T19:35:29Z",
"nvd_published_at": "2026-02-26T03:16:04Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nFleet generated device lock and wipe PINs using a predictable algorithm based solely on the current Unix timestamp. Because no secret key or additional entropy was used, the resulting PIN could potentially be derived if the approximate time the device was locked is known.\n\n### Impact\n\nFleet\u2019s device lock and wipe commands generate a 6-digit PIN that is displayed to administrators for unlocking a device. In affected versions, this PIN was deterministically derived from the current timestamp.\n\nAn attacker with physical possession of a locked device and knowledge of the approximate time the lock command was issued could theoretically predict the correct PIN within a limited search window.\n\nHowever, successful exploitation is constrained by multiple factors:\n- Physical access to the device is required.\n- The approximate lock time must be known.\n- The operating system enforces rate limiting on PIN entry attempts.\n- Attempts would need to be spread over multiple days.\n- Device wipe operations would typically complete before sufficient attempts could be made.\n\nAs a result, this issue does not allow remote exploitation, fleet-wide compromise, or bypass of Fleet authentication controls.\n\n### Workarounds\n\nThere are no known workarounds for this issue. Customers should upgrade to a patched version.\n\n### For more information\n\nIf there are any questions or comments about this advisory:\n\nEmail Fleet at [security@fleetdm.com](mailto:security@fleetdm.com)\nJoin #fleet in [osquery Slack](https://join.slack.com/t/osquery/shared_invite/zt-h29zm0gk-s2DBtGUTW4CFel0f0IjTEw)\n\n### Credits\n\nFleet thanks @secfox-ai for responsibly reporting this issue.",
"id": "GHSA-ppwx-5jq7-px2w",
"modified": "2026-02-26T19:35:29Z",
"published": "2026-02-26T19:35:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/fleetdm/fleet/security/advisories/GHSA-ppwx-5jq7-px2w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23999"
},
{
"type": "WEB",
"url": "https://github.com/fleetdm/fleet/commit/05ca0693621e6671fb95dfc5437b9f9ee6dd7047"
},
{
"type": "PACKAGE",
"url": "https://github.com/fleetdm/fleet"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Fleet: Device lock PIN can be predicted if lock time is known"
}
GHSA-PQ4W-QM9G-QX68
Vulnerability from github – Published: 2020-03-16 22:46 – Updated: 2021-07-28 18:54Impact
Credential replay affecting those connected to a server when all 3 of the following conditions are met:
- SecurityPolicy is None
- using username/password or X509-based authentication
- the server has a defect causing it to send null/empty or zeroed nonces
Patches
The problem has been patched in version 0.3.6. A more relaxed treatment of validation as agreed upon by the OPC UA Security Working Group is implemented in version 0.3.7.
Workarounds
Do not use username/password or X509-based authentication with SecurityPolicy of None.
References
https://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2019-19135.pdf
For more information
If you have any questions or comments about this advisory: * Open an issue at https://github.com/eclipse/milo/issues * Email the mailing list
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.3.4"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.milo:sdk-client"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-19135"
],
"database_specific": {
"cwe_ids": [
"CWE-330",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2020-03-16T20:59:53Z",
"nvd_published_at": "2020-03-16T16:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nCredential replay affecting those connected to a server when *all 3* of the following conditions are met:\n- `SecurityPolicy` is `None`\n- using username/password or X509-based authentication\n- the server has a defect causing it to send null/empty or zeroed nonces \n\n### Patches\nThe problem has been patched in version `0.3.6`. A more relaxed treatment of validation as agreed upon by the OPC UA Security Working Group is implemented in version `0.3.7`.\n\n### Workarounds\nDo not use username/password or X509-based authentication with `SecurityPolicy` of `None`.\n\n### References\nhttps://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2019-19135.pdf\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue at [https://github.com/eclipse/milo/issues](https://github.com/eclipse/milo/issues)\n* Email [the mailing list](mailto:milo-dev@eclipse.org)",
"id": "GHSA-pq4w-qm9g-qx68",
"modified": "2021-07-28T18:54:53Z",
"published": "2020-03-16T22:46:50Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/eclipse/milo/security/advisories/GHSA-pq4w-qm9g-qx68"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19135"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/milo/commit/cac0e710bf2b8bed9c602fc597e9de1d8903abed"
},
{
"type": "WEB",
"url": "https://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2019-19135.pdf"
},
{
"type": "WEB",
"url": "https://opcfoundation.org/security-bulletins"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Insufficient Nonce Validation in Eclipse Milo Client"
}
GHSA-PQC9-6W7J-MP2F
Vulnerability from github – Published: 2026-03-25 15:31 – Updated: 2026-03-25 15:31An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme.
{
"affected": [],
"aliases": [
"CVE-2024-51346"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-25T14:16:28Z",
"severity": "HIGH"
},
"details": "An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme.",
"id": "GHSA-pqc9-6w7j-mp2f",
"modified": "2026-03-25T15:31:28Z",
"published": "2026-03-25T15:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51346"
},
{
"type": "WEB",
"url": "https://github.com/victorGoeman/Eufy-Ecosystem-Security-Research/blob/main/CVE-2024-51346.md"
},
{
"type": "WEB",
"url": "https://github.com/victorGoeman/Eufy-Ecosystem-Security-Research/blob/main/README.md"
},
{
"type": "WEB",
"url": "https://www.eufy.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PQRX-8F89-682J
Vulnerability from github – Published: 2022-07-08 00:00 – Updated: 2022-07-15 00:00The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
{
"affected": [],
"aliases": [
"CVE-2022-25047"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-07T12:15:00Z",
"severity": "MODERATE"
},
"details": "The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.",
"id": "GHSA-pqrx-8f89-682j",
"modified": "2022-07-15T00:00:17Z",
"published": "2022-07-08T00:00:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25047"
},
{
"type": "WEB",
"url": "https://github.com/Immersive-Labs-Sec/CentOS-WebPanel"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PR9H-XJRF-GJCR
Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2022-05-24 16:46CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.
{
"affected": [],
"aliases": [
"CVE-2019-6821"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-22T20:29:00Z",
"severity": "HIGH"
},
"details": "CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.",
"id": "GHSA-pr9h-xjrf-gjcr",
"modified": "2022-05-24T16:46:18Z",
"published": "2022-05-24T16:46:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6821"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01"
},
{
"type": "WEB",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108366"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-PVV4-8WMW-VJF3
Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2024-04-04 03:13A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
{
"affected": [],
"aliases": [
"CVE-2022-46353"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-13T16:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions \u003c V3.2.7), SCALANCE X204RNA (PRP) (All versions \u003c V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions \u003c V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions \u003c V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions \u003c V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.",
"id": "GHSA-pvv4-8wmw-vjf3",
"modified": "2024-04-04T03:13:45Z",
"published": "2022-12-13T18:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46353"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PW9J-JVFG-9PPW
Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:29In Contiki 4.5, TCP ISNs are improperly random.
{
"affected": [],
"aliases": [
"CVE-2020-27634"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-10T17:15:10Z",
"severity": "CRITICAL"
},
"details": "In Contiki 4.5, TCP ISNs are improperly random.",
"id": "GHSA-pw9j-jvfg-9ppw",
"modified": "2024-04-04T08:29:43Z",
"published": "2023-10-10T18:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27634"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
},
{
"type": "WEB",
"url": "https://www.forescout.com"
},
{
"type": "WEB",
"url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PWQG-3R7W-W9HW
Vulnerability from github – Published: 2022-05-13 01:08 – Updated: 2022-05-13 01:08The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
{
"affected": [],
"aliases": [
"CVE-2019-8919"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-02-18T20:29:00Z",
"severity": "HIGH"
},
"details": "The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.",
"id": "GHSA-pwqg-3r7w-w9hw",
"modified": "2022-05-13T01:08:17Z",
"published": "2022-05-13T01:08:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8919"
},
{
"type": "WEB",
"url": "https://github.com/haiwen/seadroid/issues/789"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-Q3W8-GRP4-HC32
Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-08-13 00:00Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.
{
"affected": [],
"aliases": [
"CVE-2021-34646"
],
"database_specific": {
"cwe_ids": [
"CWE-290",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-30T19:15:00Z",
"severity": "CRITICAL"
},
"details": "Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.",
"id": "GHSA-q3w8-grp4-hc32",
"modified": "2022-08-13T00:00:35Z",
"published": "2022-05-24T19:12:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34646"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2581212%40woocommerce-jetpack\u0026new=2581212%40woocommerce-jetpack\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/blog/2021/08/critical-authentication-bypass-vulnerability-patched-in-booster-for-woocommerce"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-Q4Q3-WX65-4J6J
Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2022-10-22 12:00Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup due to a predictable name, resulting in authentication bypass (a login authenticated with the MD5 hash of any user found in the database).
{
"affected": [],
"aliases": [
"CVE-2019-7667"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-01T19:15:00Z",
"severity": "CRITICAL"
},
"details": "Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup due to a predictable name, resulting in authentication bypass (a login authenticated with the MD5 hash of any user found in the database).",
"id": "GHSA-q4q3-wx65-4j6j",
"modified": "2022-10-22T12:00:30Z",
"published": "2022-05-24T16:49:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7667"
},
{
"type": "WEB",
"url": "https://applied-risk.com/labs/advisories"
},
{
"type": "WEB",
"url": "https://www.applied-risk.com/resources/ar-2019-007"
},
{
"type": "WEB",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-211-02"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/155262/Prima-FlexAir-Access-Control-2.3.35-Database-Backup-Predictable-Name.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
- Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
- In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
- Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation MIT-2
Strategy: Libraries or Frameworks
Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-485: Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.