Samsung Galaxy S8 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability

Published on June 29th, 2020

Summary

Samsung Galaxy S8 suffers from use of cryptographically weak pseudo-random number generator (PRNG) vulnerability

Credit:

The information has been provided by Maxime Peterlin

The original article can be found at:https://security.samsungmobile.com/securityUpdate.smsb

Details

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 devices with the BCM4361 chipset.

Vulnerable Systems:

Samsung Galaxy S8

Samsung Galaxy S8+

Samsung Galaxy Note8

CVE Information:

CVE-2020-6616

Disclosure Timeline:
Published Date:5/8/2020

Samsung Galaxy S8 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability

Summary

Credit:

Details

Featured News

HUAWEI P30 with versions earlier than 10.1.0.160 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Featured News

HUAWEI P30 with versions earlier than 10.1.0.135 Improper Verification of Cryptographic Signature Vulnerability

Featured News

HUAWEI P30 smartphone versions 10.1.0.135 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Samsung Galaxy S8 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability

Summary

Credit:

Details

Related Posts

Featured News

HUAWEI P30 with versions earlier than 10.1.0.160 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Featured News

HUAWEI P30 with versions earlier than 10.1.0.135 Improper Verification of Cryptographic Signature Vulnerability

Featured News

HUAWEI P30 smartphone versions 10.1.0.135 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability