CWE-1241
Use of Predictable Algorithm in Random Number Generator
Extended description
Pseudo-random number generator algorithms are predictable because their registers have a finite number of possible states, which eventually lead to repeating patterns. As a result, pseudo-random number generators (PRNGs) can compromise their randomness or expose their internal state to various attacks, such as reverse engineering or tampering.
Common consequences (1)
- Confidentiality: Read Application Data
Potential mitigations (2)
- Architecture and Design
It is highly recommended to use a true random number generator (TRNG) to ensure the security of encryption schemes. Hardware-based TRNGs generate unpredictable, unbiased, and independent random numbers because they employ physical phenomena, e.g., electrical noise, as sources to generate random numbers.
- Implementation
It is highly recommended to use a true random number generator (TRNG) to ensure the security of encryption schemes. Hardware-based TRNGs generate unpredictable, unbiased, and independent random numbers because they employ physical phenomena, e.g., electrical noise, as sources to generate random numbers.
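The gap between nominal and effective randomness described above, as an added example (not part of the CWE entry or of any listed product's code): a PIN drawn from a time-seeded PRNG, the `srand(time(0))` pattern that appears among this entry's CVEs, beside one drawn from the operating system's CSPRNG. It uses Python's `secrets` module rather than reading a hardware TRNG directly; the 8-digit PIN size, the timestamp and the function names are constructed for illustration.

```python
import math
import random
import secrets

PIN_DIGITS = 8            # constructed example size, not taken from any product
PIN_SPACE = 10 ** PIN_DIGITS


def weak_pin(seed: int) -> str:
    """Predictable (CWE-1241): Mersenne Twister seeded with a guessable value,
    the same pattern as srand(time(0)) followed by rand()."""
    rng = random.Random(seed)
    return f"{rng.randrange(PIN_SPACE):0{PIN_DIGITS}d}"


def strong_pin() -> str:
    """Hardened: secrets draws from the OS CSPRNG; there is no seed to guess."""
    return f"{secrets.randbelow(PIN_SPACE):0{PIN_DIGITS}d}"


def effective_bits(first_seed: int, window_seconds: int) -> float:
    """Entropy actually available when the seed is a timestamp known to fall
    inside a window: at most one distinct PIN per candidate second."""
    pins = {weak_pin(s) for s in range(first_seed, first_seed + window_seconds)}
    return math.log2(len(pins))


if __name__ == "__main__":
    boot = 1_700_000_000   # constructed timestamp
    print("same seed, same PIN:", weak_pin(boot), weak_pin(boot))
    print(f"nominal entropy : {math.log2(PIN_SPACE):.1f} bits")
    print(f"time-seeded, 1 h: {effective_bits(boot, 3600):.1f} bits")
    print("CSPRNG PIN      :", strong_pin())
```

The output format is identical in both cases, so the weakness is invisible in the PIN itself; only the source of randomness distinguishes them.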
Relationships (1)
- ChildOf CWE-330
CVEs referencing this CWE (9)
| CVE | Description | Severity | EPSS | Flags | Modified |
|---|---|---|---|---|---|
| CVE-2016-10180 | An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding. | HIGH 7.5 | 4.41% (p90) | | 2026-05-13 |
| CVE-2021-3689 | yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | HIGH 7.5 | 1.90% (p77) | | 2024-11-21 |
| CVE-2021-3692 | yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | MEDIUM 5.3 | 1.70% (p74) | | 2024-11-21 |
| CVE-2021-4240 | A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is 3daa804d5f56c55b3ae13bfac368bb84ec632193. It is recommended to apply a patch to fix this issue. The identifier VDB-213717 was assigned to this vulnerability. | MEDIUM 5.3 | 0.80% (p52) | | 2025-04-15 |
| CVE-2021-4241 | A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is bb10a5f3c68527c58073258cb12446782d223bc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213744. | MEDIUM 5.3 | 0.77% (p51) | | 2025-04-15 |
| CVE-2023-4695 | Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | HIGH 8.1 | 0.61% (p44) | | 2024-11-21 |
| CVE-2025-13079 | The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it possible for unauthenticated attackers to unsubscribe arbitrary subscribers from mailing lists via brute-forcing the unsubscribe token, granted they know the victim's email address | MEDIUM 5.3 | 0.37% (p29) | | 2026-04-15 |
| CVE-2025-32056 | The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. First identified on Nissan Leaf ZE1 manufactured in 2020. | MEDIUM 4.0 | 0.27% (p18) | | 2026-04-15 |
| CVE-2026-6420 | A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module (TPM) quote attestation instead of a cryptographically random value. This allows the attacker to stockpile valid TPM quotes and replay them to evade detection after compromising the system. This issue affects only the push model deployment. | MEDIUM 6.3 | 0.12% (p2) | | 2026-05-11 |