This is a weakness in the cryptographic protocol that generates the RNG. The seed can be used to generate all possible RNG values, making it a weak RNG. If an attacker is able to compromise the seed of a device, they can predict the RNG values of the RNG. This weakness in the RNG can be used to brute force the password to access the device. This is a serious issue since the password is used to secure the device and protect its content.

This issue was discovered by Aleksandar Nikolic of Securibot. There are two ways to patch this issue. The first way is to update the firmware of the D-Link COVR 1200,1202,1203. The D-Link COVR 1200,1202,1203 v1.08 has a daily update feature that will patch the RNG weakness. The second way is to disable the daily update feature on the D-Link COVR 1200,1202,1203 v1.08. This solution is not as effective and will not work on all devices.

The first way to patch this issue is to update the firmware of the D-Link COVR 1200,1202,1203. The D-Link COVR 1200,1202,1203 v1.08 has a daily update feature that will patch the RNG weakness. The second way to patch this issue is to disable the daily update feature on the D-Link COVR 1200,1202,1203 v1.08. This solution is not as effective and will not work on all devices.

Timeline

Published on: 10/13/2022 19:15:00 UTC
Last modified on: 10/18/2022 12:21:00 UTC

References