Home

Description

Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a (distributed in 9.30.2881 (MR3)), 9.20 prior to vCR9.20.251028a (distributed in 9.20.3265 (MR5)), 9.10 prior to vCR9.10.251028a (distributed in 9.10.4135 (MR8)), all versions of 9.00 and prior.

PUBLISHED Reserved 2025-11-11 | Published 2025-11-18 | Updated 2025-11-19 | Assigner Gallagher




MEDIUM: 5.7CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

Product status

Default status
unaffected

Any version
affected

9.30 (custom) before vCR9.30.251028a
affected

9.20 (custom) before vCR9.20.251028a
affected

9.10 (custom) before vCR9.10.251028a
affected

References

security.gallagher.com/...Security-Advisories/CVE-2025-52578

cve.org (CVE-2025-52578)

nvd.nist.gov (CVE-2025-52578)

Download JSON