C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F
-
Don’t Use Hard-coded Keys
- “DUHK is a vulnerability that affects devices using the ANSI X9.31 Random Number Generator (RNG) in conjunction with a hard-coded seed key…DUHK allows attackers to recover secret encryption keys from vulnerable implementations and decrypt and read communications passing over VPN connections or encrypted web sessions.”
- If you are using any of the following, ensure you’re on the latest firmware to mitigate:
- Fortinet FortiOS v4 (v5 is not vulnerable)
- Cisco Aironet
- BeCrypt Cryptographic Library
- DeltaCrypt FIPS Module
-
MRV LX-4000T/LX-8020S
- Neoscale CryptoStor
- Neopost Security Devices
- Renesas AE57C1
- TechGuard PoliWall-CCF
- Tendyron OnKey193
- ViaSat FlagStone Core
- Vocera Cryptographic Module