CVE-2021-34600

medium

Description

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.

References

https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/

Details

Source: Mitre, NVD

Published: 2022-01-20

Updated: 2024-09-16

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium