CVE-2013-7373

Android < 4.4 - Exposure of Sensitive Information via OpenSSL PRNG Seeding

Title source: llm
STIX 2.1

Description

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.

Scores

EPSS 0.0114
EPSS Percentile 62.9%

Details

CWE
CWE-200
Status published
Products (38)
google/android 1.0
google/android 1.1
google/android 1.5
google/android 1.6
google/android 2.0
google/android 2.0.1
google/android 2.1
google/android 2.2 (2 CPE variants)
google/android 2.2.1
google/android 2.2.2
... and 28 more
Published Apr 29, 2014
Tracked Since Feb 18, 2026