util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
(
CVE-2014-9294
)
Impact
Theoretically, a remote attacker can determine a weak key and manipulate NTP packets. However, no public exploits are known at this time.
AI Score
Confidence
EPSS
Percentile
92.0%