5 matches found
CVE-2026-21383
CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...
CVE-2025-47345 Reusing a Nonce, Key Pair in Encryption in Automotive Platform
Cryptographic issue may occur while encrypting license data...
CVE-2025-47345 Reusing a Nonce, Key Pair in Encryption in Automotive Platform
Cryptographic issue may occur while encrypting license data...
The vulnerability of the Johnson Controls Metasys building automation and control system, related to the repeated use of a cryptographic pair in encryption, allows a intruder to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Johnson Controls Metasys building automation system lies in the repeated use of a cryptographic pair in encryption processes. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...
CVE-2017-7902
CVE-2017-7902 affects Rockwell Automation Allen‑Bradley MicroLogix 1100 (1763-L16Axx, 16.00 and earlier) and MicroLogix 1400 (1766-L32Axx, 16.00 and earlier). The issue is nonce reuse in encryption, enabling an attacker to capture and replay a valid request until the nonce changes, potentially co...