CVEbaza.plCWE DictionaryCWE-339
Common Weakness Enumeration

CWE-339

Small Seed Space in PRNG

Category: VariantCVE: 2
Description

A Pseudo-Random Number Generator (PRNG) uses a relatively small seed space, which makes it more susceptible to brute force attacks.

Extended Description

PRNGs are entirely deterministic once seeded, so it should be extremely difficult to guess the seed. If an attacker can collect the outputs of a PRNG and then brute force the seed by trying every possibility to see which seed matches the observed output, then the attacker will know the output of any subsequent calls to the PRNG. A small seed space implies that the attacker will have far fewer possible values to try to exhaust all possibilities.

CVE vulnerabilities with CWE-339 (2)
8.4
CVSS
HIGH
CVE-2026-2815

Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys

pub. 2026-06-25
6.3
CVSS
MEDIUM
CVE-2024-10026

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances.

pub. 2025-01-30
Information
ID: CWE-339
Type: Variant
Vulnerabilities: 2
MITRE CWE ↗
← CWE Dictionary