CVE-2014-2362

Description

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• http://support.oleumtech.com/
• http://www.securityfocus.com/bid/68797
• https://www.cisa.gov/news-events/ics-advisories/icsa-14-202-01a
• http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01
• http://www.securityfocus.com/bid/68800

CWEs

CWE-338