CVE-2021-41096
HIGHRucky < 2.2 - Use of a Broken or Risky Cryptographic Algorithm
Title source: llmDescription
Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm (RSA/ECB/PKCS1Padding). The issue will be patched in v2.3 for release builds and 426 onwards for nightly builds. As a workaround, one may disable an advance security feature if not required.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
https://github.com/mayankmetha/Rucky/security/advisories/GHSA-32m7-456v-wgfw
Patch, Third Party Advisory x_refsource_misc
https://github.com/mayankmetha/Rucky/commit/5e3a477365009f488a73efd26a91168502de1b93
Scores
CVSS v3
7.5
EPSS
0.0065
EPSS Percentile
46.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-327
Status
published
Products (1)
rucky_project/rucky
< 2.2
Published
Sep 27, 2021
Tracked Since
Feb 18, 2026