CVE-2021-34600 - OpenCVE

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:C/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Telenot	Compasx

Configuration 1 [-]

cpe:2.3:a:telenot:compasx:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/

History

Mon, 16 Sep 2024 19:15:00 +0000

Type	Values Removed	Values Added
Description	Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.	Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2022-01-20T11:40:11.195769Z

Updated: 2024-09-16T19:04:37.485Z

Reserved: 2021-06-10T00:00:00

Link: CVE-2021-34600

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-01-20T12:15:08.240

Modified: 2024-09-16T19:15:58.663

Link: CVE-2021-34600

Redhat

No data.

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CompasX", "vendor": "Telenot Electronic GmbH", "versions": [{"lessThan": "32.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "X41 D-SEC GmbH, Markus Vervier, Yasar Klawohn"}], "datePublic": "2022-01-17T23:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.</p>"}], "value": "Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-335", "description": "CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-08-09T10:43:57.672Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update to CompasX versions >= 32.0</p>"}], "value": "Update to CompasX versions >= 32.0"}], "source": {"defect": ["CERT@VDE#64025"], "discovery": "EXTERNAL"}, "title": "Telenot complex: Insecure AES Key Generation", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>It is strongly recommended to raise the security level during the time window until the AES keys can be changed to securely generated ones. The complex alarm systems supports alternative authentication factors that can be combined with the Desfire NFC tag authentication. An example for such an additional factor is a requirement for a valid PIN entry on the complex alarm system in addition to a successful Desfire authentication to disarm the alarm.</p>"}], "value": "It is strongly recommended to raise the security level during the time window until the AES keys can be changed to securely generated ones. The complex alarm systems supports alternative authentication factors that can be combined with the Desfire NFC tag authentication. An example for such an additional factor is a requirement for a valid PIN entry on the complex alarm system in addition to a successful Desfire authentication to disarm the alarm."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2022-01-18T11:00:00.000Z", "ID": "CVE-2021-34600", "STATE": "PUBLIC", "TITLE": "Telenot complex: Insecure AES Key Generation"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CompasX", "version": {"version_data": [{"version_affected": "<", "version_value": "32.0"}]}}]}, "vendor_name": "Telenot Electronic GmbH"}]}}, "credit": [{"lang": "eng", "value": "X41 D-SEC GmbH, Markus Vervier, Yasar Klawohn"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"}]}]}, "references": {"reference_data": [{"name": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/", "refsource": "CONFIRM", "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"}]}, "solution": [{"lang": "en", "value": "Update to CompasX versions >= 32.0"}], "source": {"defect": ["CERT@VDE#64025"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "It is strongly recommended to raise the security level during the time window until the AES keys can be changed to securely generated ones. The complex alarm systems supports alternative authentication factors that can be combined with the Desfire NFC tag authentication. An example for such an additional factor is a requirement for a valid PIN entry on the complex alarm system in addition to a successful Desfire authentication to disarm the alarm."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:19:47.434Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"}]}]}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2021-34600", "datePublished": "2022-01-20T11:40:11.195769Z", "dateReserved": "2021-06-10T00:00:00", "dateUpdated": "2024-09-16T19:04:37.485Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:telenot:compasx:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1FA52CE-8A90-48A1-A922-26DCF9C0BC5D", "versionEndExcluding": "32.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation."}, {"lang": "es", "value": "Las versiones de Telenot CompasX anteriores a la 32.0 utilizan una semilla d\u00e9bil para la generaci\u00f3n de n\u00fameros aleatorios, lo que hace que las claves AES utilizadas en las etiquetas NFC para la autorizaci\u00f3n local de los usuarios sean predecibles. Esto puede llevar a la p\u00e9rdida total de la fiabilidad de la instalaci\u00f3n"}], "id": "CVE-2021-34600", "lastModified": "2024-09-16T19:15:58.663", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2022-01-20T12:15:08.240", "references": [{"source": "info@cert.vde.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2021-003-telenot-complex-insecure-keygen/"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-335"}], "source": "info@cert.vde.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-335"}], "source": "nvd@nist.gov", "type": "Secondary"}]}