CWE-1241 - Use of Predictable Algorithm in Random Number Generator
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2020-02-24
- Latest Modification Date:2025-12-11
Weakness Name
Use of Predictable Algorithm in Random Number Generator
Description
The device uses an algorithm that is predictable and generates a pseudo-random number.
Pseudo-random number generator algorithms are predictable because their registers have a finite number of possible states, which eventually lead to repeating patterns. As a result, pseudo-random number generators (PRNGs) can compromise their randomness or expose their internal state to various attacks, such as reverse engineering or tampering.
Common Consequences
Scope: Confidentiality
Impact: Read Application Data