Skip to main content

CWE-332

Insufficient Entropy in PRNG

1 CVEs Avg CVSS 7.4 MITRE
0
CRITICAL
1
HIGH
0
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2026-3290 HIGH PATCH This Week

Hardware random number generator (HRNG) in Silicon Labs RS9116 SDK versions up to 2.13.1 produces predictable cryptographic values when the wireless module operates in power save mode, enabling adjacent attackers with user interaction to compromise encrypted communications and authentication mechanisms. Vendor patch available via GitHub; no active exploitation confirmed but cryptographic weakness poses high risk to WiFi/Bluetooth IoT deployments relying on the affected module's entropy source.

Information Disclosure
NVD GitHub
CVSS 4.0
7.4
EPSS
0.0%
CVE-2026-3290
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Hardware random number generator (HRNG) in Silicon Labs RS9116 SDK versions up to 2.13.1 produces predictable cryptographic values when the wireless module operates in power save mode, enabling adjacent attackers with user interaction to compromise encrypted communications and authentication mechanisms. Vendor patch available via GitHub; no active exploitation confirmed but cryptographic weakness poses high risk to WiFi/Bluetooth IoT deployments relying on the affected module's entropy source.

Information Disclosure
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy