The product uses a cryptographic primitive that uses an Initialization Vector (IV), but the product does not generate IVs that are sufficiently unpredictable or unique according to the expected cryptographic requirements for that primitive.
View on MITREBy design, some cryptographic primitives (such as block ciphers) require that IVs must have certain properties for the uniqueness and/or unpredictability of an IV. Primitives may vary in how important these properties are. If these properties are not maintained, e.g. by a bug in the code, then the cryptography may be weakened or broken by attacking the IVs themselves.
If the IV is not properly initialized, data that is encrypted can be compromised and information about the data can be leaked. See [REF-1179].
No mitigation information available for this CWE.
No detection method information available for this CWE.
In the following examples, CBC mode is used when encrypting data:
In both of these examples, the initialization vector (IV) is always a block of zeros. This makes the resulting cipher text much more predictable and susceptible to a dictionary attack.
In the following examples, CBC mode is used when encrypting data:
In both of these examples, the initialization vector (IV) is always a block of zeros. This makes the resulting cipher text much more predictable and susceptible to a dictionary attack.
ZeroLogon vulnerability - use of a static IV of all zeroes in AES-CFB8 mode
View DetailsBEAST attack in SSL 3.0 / TLS 1.0. In CBC mode, chained initialization vectors are non-random, allowing decryption of HTTPS traffic using a chosen plaintext attack.
View Detailswireless router does not use 6 of the 24 bits for WEP encryption, making it easier for attackers to decrypt traffic
View DetailsWEP card generates predictable IV values, making it easier for attackers to decrypt traffic
View Detailscrypto framework uses PHP rand function - which is not cryptographically secure - for an initialization vector
View Detailsencryption routine does not seed the random number generator, causing the same initialization vector to be generated repeatedly
View Detailsencryption functionality in an authentication framework uses a fixed null IV with CBC mode, allowing attackers to decrypt traffic in applications that use this functionality
View Detailsmessages for a door-unlocking product use a fixed IV in CBC mode, which is the same after each restart
View Detailsapplication uses AES in CBC mode, but the pseudo-random secret and IV are generated using math.random, which is not cryptographically strong.
View DetailsBlowfish-CBC implementation constructs an IV where each byte is calculated modulo 8 instead of modulo 256, resulting in less than 12 bits for the effective IV length, and less than 4096 possible IV values.
View DetailsNo relationship information available for this CWE.
CWE-1204: Generation of Weak Initialization Vector (IV) is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product uses a cryptographic primitive that uses an Initialization Vector (IV), but the product does not generate IVs that are sufficiently unpredictable or unique according to the expected cryptographic requirements for that primitive. By design, some cryptographic primitives (such as block ciphers) require that IVs must have certain properties for the uniqueness and/or unpredictability of an IV. Primitives may vary in how important these properties are. If these properties are not maintained, e.g. by a bug in the code, then the cryptography may be weakened or broken by attacking the IVs themselves.
If exploited, CWE-1204 (Generation of Weak Initialization Vector (IV)) it can compromise Confidentiality, leading to outcomes such as Read Application Data.
CWE-1204 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-1204, including CVE-2020-1472, CVE-2011-3389, CVE-2001-0161, CVE-2001-0160 and CVE-2017-3225. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-1204 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.