CVE-2012-4687

Published: Dec 8, 2012Modified: Apr 29, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

Post Oak AWAM Bluetooth Reader Traffic System does not use a sufficient source of entropy for private keys, which makes it easier for man-in-the-middle attackers to spoof a device by predicting a key value.

Affected (1)

Products: Postoaktraffic: Awam Bluetooth Reader

Postoaktraffic

1 product

Awam Bluetooth Reader

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Postoaktraffic Awam Bluetooth Reader	All versions

Related CWEs

CWE-310

CWE-331

Insufficient Entropy

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

References (3)

http://www.postoaktraffic.com/contact.aspx

Source: ics-cert@hq.dhs.gov

https://www.cisa.gov/news-events/ics-advisories/icsa-12-335-01

Source: ics-cert@hq.dhs.gov

http://www.us-cert.gov/control_systems/pdf/ICSA-12-335-01.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.