CVE-2024-53845

ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...

Espressif ESP-IDF 安全漏洞

Espressif ESP-IDF is an Internet of Things IoT development framework from China Loxin Espressif. A security vulnerability exists in Espressif ESP-IDF, which stems from the fact that the encrypted output becomes deterministic if the IV is not properly initialized, leading to a potential data leak...

CVE-2024-53845

CVE-2024-53845 concerns ESPRESSIF ESP-IDF’s ESPTouch v2 AES/CBC encryption where the Initialization Vector (IV) was not configurable prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8, causing a deterministic ciphertext and potential data leakage. The fixed behavior, implemented in these versions, ...

CVE-2024-53845 AES/CBC Constant IV Vulnerability in ESPTouch v2

ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...

CVE-2024-53845 AES/CBC Constant IV Vulnerability in ESPTouch v2

ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...

CVE-2024-53845 AES/CBC Constant IV Vulnerability in ESPTouch v2

ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...

GHSA-H63V-HW6G-X8HP Bit flip attack vulnerability in cookie-encrypter

due to a weakness in the encryption method used in cookie-encrypter an attack can use the world visible IV to edit encrypted cookies without decrypting the cookie itself. This is known as an AES CBC bit flipping attack...

Bit flip attack vulnerability in cookie-encrypter

due to a weakness in the encryption method used in cookie-encrypter an attack can use the world visible IV to edit encrypted cookies without decrypting the cookie itself. This is known as an AES CBC bit flipping attack...

CVE-2024-47122

In the goTenna Pro App, the encryption keys are stored along with a static IV on the End User Device EUD. This allows for complete decryption of keys stored on the EUD if physically compromised. This allows an attacker to decrypt all encrypted broadcast communications based on encryption keys...

goTenna Pro 安全漏洞

goTenna Pro is a series of devices from goTenna that can create networks for off-grid communications and situational awareness. A security vulnerability exists in goTenna Pro versions 1.9.12 and earlier, which stems from an encryption key being stored with a static IV, which allows the key stored...

PT-2024-31587 · Gotenna · Gotenna Pro Atak Plugin

Name of the Vulnerable Software and Affected Versions: goTenna Pro ATAK plugin affected versions not specified Description: The issue concerns the use of weak passwords for sharing encryption keys via the key broadcast method in the goTenna Pro ATAK plugin. If the broadcasted encryption key is...

goTenna Pro ATAK Plugin 安全漏洞

The goTenna Pro ATAK Plugin is a plugin for goTenna's device that creates networks for off-grid communication and situational awareness. A security vulnerability exists in goTenna Pro ATAK Plugin version 1.9.12 and earlier, which stems from an encryption key being stored on the device along with ...

PT-2024-32417

Name of the Vulnerable Software and Affected Versions goTenna Pro App affected versions not specified goTenna Pro X goTenna Pro X2 Description The encryption keys in the goTenna Pro App are stored along with a static IV on the End User Device EUD, allowing for complete decryption of keys if the...

goTenna Pro 安全漏洞

The goTenna Pro is a series of devices from goTenna that can create networks for off-grid communications and situational awareness. A security vulnerability exists in goTenna Pro that stems from an encryption key being stored on the device along with a static IV...

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...

CVE-2023-31305

CVE-2023-31305 describes weak and predictable IV generation in Power Management Firmware (PMFW). Under local access with high privileges, an attacker could reuse IV values to reverse‑engineer debug data, potentially causing information disclosure. The provided materials confirm the vulnerability ...

CVE-2023-31305

Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...

Ciphertext Leakage

Netbird is vulnerable to Ciphertext Leakage. The vulnerability is due to the use of a static initialization vector IV in the Encrypt function within the crypt.go file, which does not change for different encryption operations and allows attackers to expose the sensitive information through...

GHSA-9V35-4XCR-W9PH NetBird uses a static initialization vector (IV)

A static initialization vector IV in the encrypt function of netbird management's service from v0.23.2 to v0.29.1 allows attackers to obtain sensitive information email addresses when in possession of the audit events database...

CVE-2024-41260

A static initialization vector IV in the encrypt function of netbird management's service from v0.23.2 to v0.29.1 allows attackers to obtain sensitive information email addresses when in possession of the audit events database...