Conversation
New assessment for topic: CVE-2024-31497

Topic description: "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures ..."

"CVE-2024-31497 is a cryptographic flaw (specifically [CWE-338](http://cwe.mitre.org/data/definitions/338.html), or "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)") in PuTTY 0.68 through 0.80 ..."

Link: https://attackerkb.com/assessments/5c3654b6-3f53-4658-a932-fd39bf0d6c28
0
0
0