CWE-1279— Cryptographic Operations are run Before Supporting Units are Ready
Performing cryptographic operations without ensuring that the supporting inputs are ready to supply valid data may compromise the cryptographic result.— MITRE CWE catalog
3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1279page 1 of 1
- CVE-2023-4489CRITICALCVSS 9.8EG 6.42023-12-14
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing netw…
- CVE-2024-22473MEDIUMCVSS 6.8EG 6.82024-02-21
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure Vault (VSE) devices. This defect may allow Signature Spoofing by Key Recreation.This issue affects Gecko SDK through v4.4.0.
- CVE-2025-29779MEDIUMCVSS 5.4EG 5.42025-03-14
Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing (VSS) scheme. In versions 0.8.0b2 and prior, the `secure_redundant_execution` function in feldman_vss.py attemp…
Map vulnerabilities like CWE-1279 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1279 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →