CVE-2021-34600 (GCVE-0-2021-34600)

Vulnerability from cvelistv5 – Published: 2022-01-20 11:40 – Updated: 2024-09-16 19:04
VLAI?
Summary
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-335 - Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
Assigner
References
Impacted products
Vendor Product Version
Telenot Electronic GmbH CompasX Affected: unspecified , < 32.0 (custom)
Create a notification for this product.
Credits
X41 D-SEC GmbH, Markus Vervier, Yasar Klawohn
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:47.434Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CompasX",
          "vendor": "Telenot Electronic GmbH",
          "versions": [
            {
              "lessThan": "32.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "X41 D-SEC GmbH, Markus Vervier, Yasar Klawohn"
        }
      ],
      "datePublic": "2022-01-17T23:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eTelenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.\u003c/p\u003e"
            }
          ],
          "value": "Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-335",
              "description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-09T10:43:57.672Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate to CompasX versions \u0026gt;= 32.0\u003c/p\u003e"
            }
          ],
          "value": "Update to CompasX versions \u003e= 32.0"
        }
      ],
      "source": {
        "defect": [
          "CERT@VDE#64025"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Telenot complex: Insecure AES Key Generation",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIt is strongly recommended to raise the security level during the time window until the AES keys can be changed to securely generated ones. The complex alarm systems supports alternative authentication factors that can be combined with the Desfire NFC tag authentication. An example for such an additional factor is a requirement for a valid PIN entry on the complex alarm system in addition to a successful Desfire authentication to disarm the alarm.\u003c/p\u003e"
            }
          ],
          "value": "It is strongly recommended to raise the security level during the time window until the AES keys can be changed to securely generated ones. The complex alarm systems supports alternative authentication factors that can be combined with the Desfire NFC tag authentication. An example for such an additional factor is a requirement for a valid PIN entry on the complex alarm system in addition to a successful Desfire authentication to disarm the alarm."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2022-01-18T11:00:00.000Z",
          "ID": "CVE-2021-34600",
          "STATE": "PUBLIC",
          "TITLE": "Telenot complex: Insecure AES Key Generation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CompasX",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "32.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Telenot Electronic GmbH"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "X41 D-SEC GmbH, Markus Vervier, Yasar Klawohn"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/",
              "refsource": "CONFIRM",
              "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update to CompasX versions \u003e= 32.0"
          }
        ],
        "source": {
          "defect": [
            "CERT@VDE#64025"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "It is strongly recommended to raise the security level during the time window until the AES keys can be changed to securely generated ones. The complex alarm systems supports alternative authentication factors that can be combined with the Desfire NFC tag authentication. An example for such an additional factor is a requirement for a valid PIN entry on the complex alarm system in addition to a successful Desfire authentication to disarm the alarm."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-34600",
    "datePublished": "2022-01-20T11:40:11.195769Z",
    "dateReserved": "2021-06-10T00:00:00",
    "dateUpdated": "2024-09-16T19:04:37.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:telenot:compasx:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"32.0\", \"matchCriteriaId\": \"F1FA52CE-8A90-48A1-A922-26DCF9C0BC5D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.\"}, {\"lang\": \"es\", \"value\": \"Las versiones de Telenot CompasX anteriores a la 32.0 utilizan una semilla d\\u00e9bil para la generaci\\u00f3n de n\\u00fameros aleatorios, lo que hace que las claves AES utilizadas en las etiquetas NFC para la autorizaci\\u00f3n local de los usuarios sean predecibles. Esto puede llevar a la p\\u00e9rdida total de la fiabilidad de la instalaci\\u00f3n\"}]",
      "id": "CVE-2021-34600",
      "lastModified": "2024-11-21T06:10:47.507",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"info@cert.vde.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:N/A:N\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-20T12:15:08.240",
      "references": "[{\"url\": \"https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/\", \"source\": \"info@cert.vde.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "info@cert.vde.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-335\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-335\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-34600\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2022-01-20T12:15:08.240\",\"lastModified\":\"2024-11-21T06:10:47.507\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.\"},{\"lang\":\"es\",\"value\":\"Las versiones de Telenot CompasX anteriores a la 32.0 utilizan una semilla d\u00e9bil para la generaci\u00f3n de n\u00fameros aleatorios, lo que hace que las claves AES utilizadas en las etiquetas NFC para la autorizaci\u00f3n local de los usuarios sean predecibles. Esto puede llevar a la p\u00e9rdida total de la fiabilidad de la instalaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:N/A:N\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-335\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-335\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:telenot:compasx:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"32.0\",\"matchCriteriaId\":\"F1FA52CE-8A90-48A1-A922-26DCF9C0BC5D\"}]}]}],\"references\":[{\"url\":\"https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.