CWE-333: Improper Handling of Insufficient Entropy in TRNG

VariantDraftExploit Likelihood: Low

True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.

View on MITRE
Back to CWE Lookup

Extended Description

The rate at which true random numbers can be generated is limited. It is important that one uses them only when they are needed for security.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-333

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references