Wrangling Entropy: Next-Generation Multi-Factor Key Derivation, Credential Hashing, and Credential Generation Functions

The Multi-Factor Key Derivation Function MFKDF offered a novel solution to the classic problem of usable client-side key management by incorporating multiple popular authentication factors into a key derivation process, but was later shown to be vulnerable to cryptanalysis that degraded its...

CVE-2022-30320

Saia Burgess Controls SBC PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls SBC PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The...

Alerton Webtalk 2.5/3.3 - Multiple Vulnerabilities

''' Security Issues in Alerton Webtalk ================================== Introduction ------------ Vulnerabilities were identified in the Alerton Webtalk Software supplied by Alerton. This software is used for the management of building automation systems. These were discovered during a black bo...

Alerton Webtalk 2.53.3 - Multiple Vulnerabilities

Alerton Webtalk 2.53.3 - Multiple Vulnerabilities ''' Security Issues in Alerton Webtalk ================================== Introduction ------------ Vulnerabilities were identified in the Alerton Webtalk Software supplied by Alerton. This software is used for the management of building automatio...

Alerton Webtalk 2.5 / 3.3 Hash Disclosure / CSRF / Command Injection Vulnerabilities

Exploit for multiple platform in category web applications Security Issues in Alerton Webtalk ================================== Introduction ------------ Vulnerabilities were identified in the Alerton Webtalk Software supplied by Alerton. This software is used for the management of building...