Samsung Galaxy S8 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability


Samsung Galaxy S8 suffers from use of cryptographically weak pseudo-random number generator (PRNG) vulnerability


The information has been provided by Maxime Peterlin

The original article can be found at:


Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 devices with the BCM4361 chipset.


Vulnerable Systems:

Samsung Galaxy S8

Samsung Galaxy S8+

Samsung Galaxy Note8 


CVE Information:



Disclosure Timeline:
Published Date:5/8/2020

Categories: FeaturedNews