PT-2014-3401 · Apache+1 · Apache Harmony+1

Published: 2014-04-29 · Updated: 2014-04-30 · CVE-2013-7372

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Apache Harmony versions through 6.0M3
Android versions prior to 4.4

Description

The issue concerns the SecureRandom implementation, specifically the engineNextBytes function in the SHA1PRNG SecureRandomImpl class. When no seed is provided, it uses an incorrect offset value, leading to predictability in the pseudo-random number generator (PRNG). This predictability can be exploited by attackers to defeat cryptographic protection mechanisms. There have been real-world incidents where this issue was exploited, notably against Bitcoin wallet applications in August 2013.

Recommendations

For Apache Harmony versions through 6.0M3, consider updating to a version that addresses this issue, as the current implementation allows for PRNG predictability. For Android versions prior to 4.4, update to Android 4.4 or later to mitigate the risk associated with the predictable PRNG. At the moment, there is no information about additional mitigation measures for other affected products.

Related Identifiers

CVE-2013-7372

Affected Products

Android
Apache Harmony